iOS app transport security: possible to disable, except for domain XY?

Question

I know that it's possible to enable app transport security and add exceptions where it should be disabled. Is it also possible to have it the opposite way, i.e. disable it for all domains, except for www.mydomain.com?

Answer 1

Yes, to do this, you set the global ATS exception NSAllowsArbitraryLoads to "YES", and then add an exception domain that has NSExceptionsAllowsInsecureHTTPLoads set to "NO".

Something like this:

Note: I believe Apple will still ask you for justification of this exception when the 12/31/2016 deadline arrives if you try to submit to the App Store.