matheusmello.io
Back to all articles

The resource could not be loaded because the App Transport Security policy requires the use of a secure connection

Matheus Mello
Matheus Mello
September 2, 2023
Cover Image for The resource could not be loaded because the App Transport Security policy requires the use of a secure connection

The App Transport Security Problem: How to Solve It

Are you facing a frustrating error when trying to load a resource because the App Transport Security policy requires a secure connection? Don't worry, you're not alone. Many developers have encountered this issue, especially after updating their Xcode to version 7.0 or iOS to version 9.0.

Let's dive into the possible causes of this error and discuss some easy solutions.

Understanding the Error

The error message you might be seeing is:

Connection failed: The resource could not be loaded because the App Transport Security policy requires the use of a secure connection.

Why Does This Happen?

Starting from iOS 9.0, Apple introduced a new security feature called App Transport Security (ATS). ATS enforces secure connections when accessing web services by default. This means that if your app tries to access a non-secure resource (e.g. using HTTP instead of HTTPS), it will be blocked.

Possible Solutions

Solution 1: Update the Server to Use HTTPS

The recommended solution is to update your server to support HTTPS and use it for all your web service requests. This ensures a secure connection and complies with Apple's ATS policy. Contact your server administrator or hosting provider to enable HTTPS on your server and configure it properly.

Solution 2: Whitelist Specific Domains

If updating the server to use HTTPS is not feasible for any reason, you can whitelist specific domains in your app's Info.plist file to allow non-secure connections for those domains. Here's how to do it:

  1. Open your app's Info.plist file. (Info.plist)

  2. Add a new key called NSAppTransportSecurity if it doesn't already exist.

  3. Under NSAppTransportSecurity, add a new subkey called NSExceptionDomains.

  4. Add a dictionary for each domain you want to whitelist. The key should be the domain name (e.g., example.com) and the value should be another dictionary.

  5. Inside the domain dictionary, you can specify additional exceptions, such as allowing non-secure requests (NSAllowsArbitraryLoads) or specifying specific subdomains (NSIncludesSubdomains).

Here's a sample configuration for whitelisting a single domain:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>example.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSTemporaryExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSTemporaryExceptionMinimumTLSVersion</key>
            <string>TLSv1.1</string>
        </dict>
    </dict>
</dict>

Note: Whitelisting domains should be done carefully, as it might introduce potential security risks. Make sure to review and understand the implications before implementing this solution.

Solution 3: Allow Arbitrary Loads

If you're in a testing or development environment and need a quick solution, you can temporarily allow all non-secure connections by disabling App Transport Security. This is not recommended for production apps but can be a viable option during development. Here's how to do it:

  1. Open your app's Info.plist file. (Info.plist)

  2. Add a new key called NSAppTransportSecurity if it doesn't already exist.

  3. Under NSAppTransportSecurity, add a new key called NSAllowsArbitraryLoads.

  4. Set the value of NSAllowsArbitraryLoads to true.

Note: Remember to re-enable App Transport Security and use secure connections (HTTPS) in your production app to ensure the privacy and security of your users' data.

Still Having Trouble?

If none of the solutions above worked for you or if you have any other questions, we're here to help. You can check out the Stack Overflow links you mentioned, but sometimes they might not have the latest and most effective solutions.

Feel free to reach out to us with the details of your problem, and our team of experts will assist you in finding the best solution.

Conclusion

The App Transport Security error can be frustrating, but don't let it hinder your app development progress. By understanding the error, implementing the recommended solutions, and following secure coding practices, you can ensure that your app interacts with web services smoothly and securely.

Remember, it's essential to prioritize the privacy and security of your users' data, and implementing secure connections is a crucial step in achieving that.

Don't let App Transport Security get in the way of your app's success. Take action now and provide your users with a seamless and secure experience.

💪🔒🚀

Take Your Tech Career to the Next Level

Our application tracking tool helps you manage your job search effectively. Stay organized, track your progress, and land your dream tech job faster.

Try Our Free Tool
Your Product
Product promotion

Share this article

More Articles You Might Like

Latest Articles

Cover Image for How can I echo a newline in a batch file?
batch-filenewlinewindows

How can I echo a newline in a batch file?

Published on March 20, 2060

🔥 💻 🆒 Title: "Getting a Fresh Start: How to Echo a Newline in a Batch File" Introduction: Hey there, tech enthusiasts! Have you ever found yourself in a sticky situation with your batch file output? We've got your back! In this exciting blog post, we

Cover Image for How do I run Redis on Windows?
rediswindows

How do I run Redis on Windows?

Published on March 19, 2060

# Running Redis on Windows: Easy Solutions for Redis Enthusiasts! 🚀 Redis is a powerful and popular in-memory data structure store that offers blazing-fast performance and versatility. However, if you're a Windows user, you might have stumbled upon the c

Cover Image for Best way to strip punctuation from a string
punctuationpythonstring

Best way to strip punctuation from a string

Published on November 1, 2057

# The Art of Stripping Punctuation: Simplifying Your Strings 💥✂️ Are you tired of dealing with pesky punctuation marks that cause chaos in your strings? Have no fear, for we have a solution that will strip those buggers away and leave your texts clean an

Cover Image for Purge or recreate a Ruby on Rails database
rakeruby-on-railsruby-on-rails-3

Purge or recreate a Ruby on Rails database

Published on November 27, 2032

# Purge or Recreate a Ruby on Rails Database: A Simple Guide 🚀 So, you have a Ruby on Rails database that's full of data, and you're now considering deleting everything and starting from scratch. Should you purge the database or recreate it? 🤔 Well, my