kylefang/react-native
1
0
Fork 0
mirror of https://github.com/zhigang1992/react-native.git synced 2026-04-28 20:25:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update networking documentation regarding Apple ATS.

Browse Source 
Summary:
Apple's App Store review guidelines are changing in January 2017. Disabling Apple Transport Security (ATS) will now require reasonable justification to the Apple App Store review board.

The documentation currently suggests disabling ATS completely under certain circumstances. This could cause applications developed with React Native to fail review next year.

The documentation has been updated to give readers a warning about the upcoming changes, allowing them to prepare their servers for HTTPS if necessary.

Screenshot of the change:

![website screenshot](https://cloud.githubusercontent.com/assets/1478253/20237892/d0d5fcb8-a8d6-11e6-917f-e913822f0e59.png)
Closes https://github.com/facebook/react-native/pull/10893

Differential Revision: D4175830

Pulled By: hramos

fbshipit-source-id: 1d9fe50d567151879c7adf7324401f177118d909
This commit is contained in:
ceeK
2016-11-14 08:40:34 -08:00
committed by Facebook Github Bot
parent e7c85cea36
commit 16b2d5aa15
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
docs/Networking.md
View File

@@ -75,7 +75,7 @@ You can also use the proposed ES2017 `async`/`await` syntax in a React Native ap
Don't forget to catch any errors that may be thrown by `fetch`, otherwise they will be dropped silently.
> By default, iOS will block any request that's not encrypted using SSL. If you need to fetch from a cleartext URL (one that begins with `http`) you will first need to add an App Transport Security exception. If you know ahead of time what domains you will need access to, it is more secure to add exceptions just for those domains; if the domains are not known until runtime you can [disable ATS completely](/react-native/docs/integration-with-existing-apps.html#app-transport-security). [See Apple's documentation for more information](https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33).
> By default, iOS will block any request that's not encrypted using SSL. If you need to fetch from a cleartext URL (one that begins with `http`) you will first need to add an App Transport Security exception. If you know ahead of time what domains you will need access to, it is more secure to add exceptions just for those domains; if the domains are not known until runtime you can [disable ATS completely](/react-native/docs/integration-with-existing-apps.html#app-transport-security). Note however that from January 2017, [Apple's App Store review will require reasonable justification for disabling ATS](https://forums.developer.apple.com/thread/48979). See [Apple's documentation](https://developer.apple.com/library/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33) for more information.
### Using Other Networking Libraries