Differences between Playground App and Sidekick


#1

I am developing an app which get data from webservices over HTTP.

Under Playground Preview (Testing on iOS and Android) the app works fine and will download data via HTTP.

I then downloaded the app from play.nativescript.org and opened in Sidekick, created the necessary provisioning profiles and certificates to run the app.

The app fails because it now requires a secure connection (HTTPS) to use the web services. The error is:-

Alert Error: The resource could not be loaded because the App Transport Security Policy requires the use of a secure connection.

Why on one hand play works on the device but sidekick doesn’t.

How can I get round the requirement for HTTPS we do not require such a connection as the data is not deemed sensitive.


#2

Hi, the Playground apps run inside a wrapper app that (likely) has this app transport security setting disabled to accomodate for any backend service Playground apps require.

When downloaded you’re no longer running inside the wrapper app which means you can tweak these kinds of settings to your app’s liking. In this case, add this to app/App_Resources/iOS/Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

#3

Please note though, (if it hasn’t happened already) at some point HTTPS it’s gonna be mandatory https://forums.developer.apple.com/thread/48979
https://forums.developer.apple.com/message/15705#15705

Use LetsEncrypt, free SSL, everyones happy!


#4

Yes I realise this but not happy. There are valid reasons for requiring SSL and valid reasons for not. I run a voluntary site and app and the cost of the SSL certificate will have to be covered by me yet the site carries nothing but team details, no personal information or a requirement for encryption. The choice should be ours to decide not for others to dictate.


#5

Yeah but LetsEncrypt solves this by providing free SSL, so there is no cost