Preparing for iOS 9
 September 9, a new release of iOS and OS X will be released. There is less and less time, and many developers have already optimized their applications to work on new OSs. For those who have not yet done so, I suggest briefly considering what is needed to support iOS 9.
In iOS 9, App Transport Security technology has emerged that helps make data transfer over the network more secure. It is enabled by default, so if your server does not meet the ATS requirements, then the connection will fail.
')
However, ATS can be customized. The
It can be seen that the connection will succeed only if you disable Perfect Forward Secrecy , therefore in the
Consider the basic configurations of ATS.
You can completely disable ATS by specifying the

For applications that open external links in the embedded browser, you must disable ATS for all connections, except connections to the API server.
In iOS 9, App Thinning technology appeared , which allows you to optimize the size of the application being installed. Now in Xcode 7 during the compilation of a bitcode generated for the platforms that are supported by the application. This option is enabled by default. However, some third-party libraries are not yet compiled with a bitcode. If your application uses such libraries, the generation of the bitcode must be disabled. We
In iOS 9, the behavior of the

If your application uses the Facebook SDK, then you need to configure ATS and the list of schemes as Facebook recommends on the Preparing Your Apps for iOS 9 page. You should also pay attention to other third-party libraries that connect to their servers or open third-party applications.
Correct setting of ATS, bitcode and list of schemes - this is the main thing that needs to be done for the application to work correctly on iOS 9. This is easy, especially if you understand why it is necessary and how it is done correctly. After all, this knowledge will be useful not only when switching from iOS 8 SDK, but also in the future when creating new projects.
App Transport Security
In iOS 9, App Transport Security technology has emerged that helps make data transfer over the network more secure. It is enabled by default, so if your server does not meet the ATS requirements, then the connection will fail.
An SSL error has occurred and a secure connection to the server cannot be made.
')
However, ATS can be customized. The
nscurl command will help you understand what settings you need to configure. For example, for Yandex:nscurl --ats-diagnostics http://ya.ru <...> Default ATS Secure Connection --- ATS Default Connection 2015-08-28 11: 51: 06.868 nscurl [7019: 8960694] NSURLSession / NSURLConnection HTTP load failed (kCFStreamErrorDomainSSL, -9802) Result: FAIL --- <...> Configuring PFS exceptions for ya.ru --- Disabling Perfect Forward Secrecy Result: PASS --- <...>
It can be seen that the connection will succeed only if you disable Perfect Forward Secrecy , therefore in the
Info.plist file for the ya.ru domain you must specify NSExceptionRequiresForwardSecrecy=NO .Consider the basic configurations of ATS.
Disable ATS
You can completely disable ATS by specifying the
NSAllowsArbitraryLoads=YES flag. This configuration is recommended only for debugging.
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict> Disable PFS for all subdomains
<key>NSAppTransportSecurity</key> <dict> <key>NSExceptionDomains</key> <dict> <key>ya.ru</key> <dict> <key>NSIncludesSubdomains</key> <true/> <key>NSExceptionRequiresForwardSecrecy</key> <false/> </dict> </dict> </dict> Disable ATS for all but one connection
For applications that open external links in the embedded browser, you must disable ATS for all connections, except connections to the API server.
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> <key>NSExceptionDomains</key> <dict> <key>ya.ru</key> <dict> <key>NSExceptionRequiresForwardSecrecy</key> <false/> <key>NSExceptionAllowsInsecureHTTPLoads</key> <false/> </dict> </dict> </dict> Bitcode
In iOS 9, App Thinning technology appeared , which allows you to optimize the size of the application being installed. Now in Xcode 7 during the compilation of a bitcode generated for the platforms that are supported by the application. This option is enabled by default. However, some third-party libraries are not yet compiled with a bitcode. If your application uses such libraries, the generation of the bitcode must be disabled. We
ENABLE_BITCODE=NO in the project ENABLE_BITCODE=NO .
Transitions to third-party applications
In iOS 9, the behavior of the
canOpenURL: method has changed. Now you need to declare a list of schemes that are used to go to third-party applications. This is done using the LSApplicationQueriesSchemes key in the Info.plist file. For example, if your application opens Yandex.Navigator, the configuration will look like this: <key>LSApplicationQueriesSchemes</key> <array> <string>yandexnavi</string> </array> 
Facebook SDK
If your application uses the Facebook SDK, then you need to configure ATS and the list of schemes as Facebook recommends on the Preparing Your Apps for iOS 9 page. You should also pay attention to other third-party libraries that connect to their servers or open third-party applications.
Total
Correct setting of ATS, bitcode and list of schemes - this is the main thing that needs to be done for the application to work correctly on iOS 9. This is easy, especially if you understand why it is necessary and how it is done correctly. After all, this knowledge will be useful not only when switching from iOS 8 SDK, but also in the future when creating new projects.
Successes!
Source: https://habr.com/ru/post/265767/
All Articles