Its assigned to an engineer. I don’t know where it falls in his priorities to look at however. Can you drop back to 2830 and see if you have the same problem there?
Rob
Its assigned to an engineer. I don’t know where it falls in his priorities to look at however. Can you drop back to 2830 and see if you have the same problem there?
Rob
Still no news on this case …
Anyone here succeeds in making network calls in OS X applications (published in the Mac App Store) ?
When building for distribution the app gets sandboxed, so you need to add the entitlements for network access when doing that.
put this in you build.settings
settings = { osx = { entitlements = { ["com.apple.security.network.client"] = true, }, }, }
Hello everybody.
I have maybe the same problem.
I am playing around with a simple webview app.
I included the ATS things (allow all, or just specific domains) and the recomendation from ojnab in the build settings, but I always get:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
The weird thing is, that on the mac simulator it is working and a build on another machine worked as well. I am not sure about the other machine but it is not working on El Capitan (10.11.5)
Best,
Felix
Did you include the entitlements suggested a post above?
Yes.
Whereas it was working without on the other machine…
Just tested it again on the first machine that runs Yosemite (10.10.5) and it works like expected. Am I right in assuming that this is pre ATS?
Dont know if it is important, but the version of xcode installed on this machine (where it works) is 7.2.1.
Best,
Felix
ATS appears to be a 10.11 El Capitan feature: https://developer.apple.com/library/mac/releasenotes/MacOSX/WhatsNewInOSX/Articles/MacOSX10_11.html
I don’t think Xcode versions will matter.
Ah, ok. So this is a real ATS problem.
Any idea what else to test?
Or is this something you are aware of?
I am testing without any provisioning profile, I chose ‘none’.
This might cause the problem?
Best,
Felix
First of all. Try connecting to an HTTPS address. If that works, its ATS and perhaps something’s not right in the build settings, or we may need to get an engineer to make sure the ATS settings are getting copied correctly. If it doesn’t work then we may have some other things to look at.
You need a provisioning profile.
The OP was trying to use Lua sockets to open a port directly. If you have control over the website, then setup SSL so you can use https:// if you’re not encourage the website to setup https.
This will be a hard requirement by Apple as of December 2016. The build.settings overrides will be ignored after the release of macOS Sierra and iOS 10. You have to get a written approval from Apple to use unencrtyped web sites. See:
Now this is tangentially related. If you have control over your website and you’ve not added SSL support because of the documentation needed, the cost, the difficulty, then you need to check out:
Today, SSL certificates are free. They can be installed with as little as two clicks with some web hosting services (check the site to SSL, hit submit). I was hosting my websites at a site that didn’t support SSL. I found a hosting company who did and would transfer my entire hosting account as part of the setup (after fighting a few glitches due to my old host not following some standards), after a day, I was up and SSL’s on every site hosted there (and at half the price!). For my Digital Ocean account, I had to install a small script, and run it. Type in the domain names, I wanted to secure and the script did the rest.
Hello Rob, sorry for the delay.
I tried https://www.google.com and it works, even without provisioning profile.
I tried to create a provisioning profile and built the app again to connect to the unsecure url, but without success.
I will try and create a secure page to load, but it seems to me that there might be some problem with the App Transport Security settings on OSX Apps…
Best,
Felix
@Felix B. Can you post your build.settings please?
Can you confirm the version of Corona SDK you are running as well?
Thanks
Rob
Hei Rob, this is the build.settings:
-- -- For more information on build.settings see the Corona SDK Build Guide at: -- https://docs.coronalabs.com/guide/distribution/buildSettings -- settings = { orientation = { -- Supported values for orientation: -- portrait, portraitUpsideDown, landscapeLeft, landscapeRight default = "portrait", supported = { "portrait", }, }, excludeFiles = { -- Include only the necessary icon files on each platform iphone = { "Icon-\*dpi.png", }, android = { "Icon.png", "Icon-Small-\*.png", "Icon\*@2x.png", }, }, window = { -- Settings for the desktop window; applies to both OS X and Win32 desktop apps defaultMode = "normal", defaultViewWidth = 250, defaultViewHeight = 70, resizable = false, titleText = { -- The "default" text will be used if the system is using a language and/or -- country code not defined below. This serves as a fallback mechanism. default = "My App Name", -- This text is used on English language systems in the United States. -- Note that the country code must be separated by a dash (-). --["en‐us"] = "Window Title Test (English‐USA)", -- This text is used on English language systems in the United Kingdom. -- Note that the country code must be separated by a dash (-). --["en‐gb"] = "Window Title Test (English‐UK)", -- This text is used for all other English language systems. ["en"] = "My App Name", -- This text is used for all French language systems. --["fr"] = "Window Title Test (French)", -- This text is used for all Spanish language systems. --["es"] = "Window Title Test (Spanish)", }, }, osx = { entitlements = { ["com.apple.security.network.client"] = true, }, }, -- -- iOS Section -- iphone = { plist = { NSAppTransportSecurity = { --NSAllowsArbitraryLoads = true, NSExceptionDomains = { ["myDomain.com"] = { NSIncludesSubdomains = true, NSThirdPartyExceptionAllowsInsecureHTTPLoads = true, NSTemporaryExceptionMinimumTLSVersion = "1.0", NSTemporaryExceptionRequiresForwardSecrecy = false, NSAllowsArbitraryLoads = true, }, }, }, UIStatusBarHidden = false, UIPrerenderedIcon = true, -- set to false for "shine" overlay --UIApplicationExitsOnSuspend = true, -- uncomment to quit app on suspend NSHumanReadableCopyright = "Copyright © 2016 Antena 1", CFBundleIconFiles = { "Icon.png", "Icon@2x.png", "Icon-167.png", "Icon-60.png", "Icon-60@2x.png", "Icon-60@3x.png", "Icon-72.png", "Icon-72@2x.png", "Icon-76.png", "Icon-76@2x.png", "Icon-Small.png", "Icon-Small@2x.png", "Icon-Small@3x.png", "Icon-Small-40.png", "Icon-Small-40@2x.png", "Icon-Small-50.png", "Icon-Small-50@2x.png", }, }, }, -- -- Android Section -- android = { usesPermissions = { "android.permission.INTERNET", }, }, }
I actually tried a lot of combinations in the NSAppTransportSecurity table, without success.
The build I used to build the version with the provisioning profile is 2016.2913
Anything wrong in the build settings?
Thanks,
Felix
Can you add this block to the “osx” table:
osx = { plist = { NSAppTransportSecurity = { --NSAllowsArbitraryLoads = true, NSExceptionDomains = { ["myDomain.com"] = { NSIncludesSubdomains = true, NSThirdPartyExceptionAllowsInsecureHTTPLoads = true, NSTemporaryExceptionMinimumTLSVersion = "1.0", NSTemporaryExceptionRequiresForwardSecrecy = false, NSAllowsArbitraryLoads = true, }, }, }, }, },
Hello Rob,
shame on me, and sorry for the trouble.
THis works, even without a provisioning profile…
(Whereas I had to enable arbitrary loads, so everything works fine, the settings above caused something in the page to be blocked so it did not load…)
Anyway, thank you a lot!
Felix