I am using a single https static URL in my iOS application. I want to secure that using ATS. I am confused which exception should be used in .plist file.
1-NSIncludesSubdomains 2-NSExceptionAllowsInsecureHTTPLoads 3-NSExceptionRequiresForwardSecrecy 4-NSExceptionMinimumTLSVersion 5-NSThirdPartyExceptionAllowsInsecureHTTPLoads 6-NSThirdPartyExceptionRequiresForwardSecrecy 7-NSThirdPartyExceptionMinimumTLSVersion
Thanks in advance
You don't need to add any flags in ATS to enable secure communication. ATS flags are used to exclude domains from requiring https communication.
Make sure your url you use starts with https and it will connect securely.
Now, there are more advanced things you can do, such as certificate pinning, but that doesn't involve ATS, and I'd recommend using something like Alamofire to help do all that configuration properly.