Re: Application Transport Security deadline for iOS apps

Mon, 11 Jul 2016 06:54:56 -0700 

On 2016-07-11 14:25, Paul Dupuis wrote:

I realize that LiveCode has no influence over Apple, but this is one of
the most bone-headed thing Apple has ever done to it's developers. There 
are millions of web servers out there without any logins, serving
publicly available data or information, that do not need to be encrypted 
and the small organizations that run them will not add SSL certs for
HTTPS service. They don't have the technical expertise, or time, and
will not spend the money to pay to have it done. Developers who scrape
data off web sites that they have no control over will have their apps
break with no effective way to ever fix them. Aside from broken Apps,
Apple will, in effect, be censoring a large part of the internet from
it's iOS users unless their own browser still allows HTTP (in which case 
they are being hypocrites). I truly hope someone sues them over such
censorship on 1st amendment (freedom of speech) grounds.



It seems that Apple are putting the infrastructure in place to deal with 
the situations you describe:



  
http://www.techrepublic.com/article/how-to-migrate-to-https-using-app-transport-security-when-developing-ios-apps/



In particular, when ATS is enforced, you will still be able to request 
exceptions in the info plist - as long as you can justify them.



For example, you might have a hard time justifying an exception for your 
own server for a new app you have just written; however, you won't have 
a hard time justifying the need to add an exception for 
www.somepublicsitewhichisnothttpsyet.org over which you have no control.



Of course, Apple will likely become more and more strict over time - but 
it sounds like there is still 'plenty' of time for third-party HTTP-only 
services to upgrade. I imagine there will be a great deal less time for 
web services owned and controlled by the app vendor to do the same, 
however.


Warmest Regards,

Mark.

--
Mark Waddingham ~ m...@livecode.com ~ http://www.livecode.com/
LiveCode: Everyone can create apps

_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription 
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode






















					Reply via email to