Search code examples
iosxcodeapp-transport-security

Accessing local ip address using xcode

Im trying to acces a local ip address so that i can change/update information on a local raspberry pi. Namely im using the following: 

https://github.com/Jopyth/MMM-Remote-Control

ive updated my plist to look like this:

<?xml version="1.0" encoding="UTF-8"?>
    <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
    <plist version="1.0">
    <dict>
        <key>CFBundleDevelopmentRegion</key>
        <string>en</string>
        <key>CFBundleExecutable</key>
        <string>$(EXECUTABLE_NAME)</string>
        <key>CFBundleIdentifier</key>
        <string>$(PRODUCT_BUNDLE_IDENTIFIER)</string>
        <key>CFBundleInfoDictionaryVersion</key>
        <string>6.0</string>
        <key>CFBundleName</key>
        <string>$(PRODUCT_NAME)</string>
        <key>CFBundlePackageType</key>
        <string>APPL</string>
        <key>CFBundleShortVersionString</key>
        <string>1.0</string>
        <key>CFBundleVersion</key>
        <string>1</string>
        <key>LSApplicationCategoryType</key>
        <string></string>
        <key>LSRequiresIPhoneOS</key>
        <true/>
        <key>NSAppTransportSecurity</key>
        <dict>
            <key>NSExceptionDomains</key>
            <dict>
                <key>http://192.168.0.40</key>  // need to add your domain name of webservice
                <dict>
                    <key>NSIncludesSubdomains</key>
                    <true/>
                    <key>NSExceptionAllowsInsecureHTTPLoads</key>
                    <true/>
                    <key>NSExceptionRequiresForwardSecrecy</key>
                    <true/>
                    <key>NSExceptionMinimumTLSVersion</key>
                    <string>TLSv1.2</string>
                    <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
                    <false/>
                    <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
                    <true/>
                    <key>NSThirdPartyExceptionMinimumTLSVersion</key>
                    <string>TLSv1.2</string>
                    <key>NSRequiresCertificateTransparency</key>
                    <false/>
                </dict>
            </dict>
        </dict>
        <key>NSTemporaryExceptionMinimumTLSVersion</key>
        <string>TLSv1.1</string>
        <key>UILaunchStoryboardName</key>
        <string>LaunchScreen</string>
        <key>UIMainStoryboardFile</key>
        <string>Main</string>
        <key>UIRequiredDeviceCapabilities</key>
        <array>
            <string>armv7</string>
        </array>
        <key>UISupportedInterfaceOrientations</key>
        <array>
            <string>UIInterfaceOrientationPortrait</string>
            <string>UIInterfaceOrientationLandscapeLeft</string>
            <string>UIInterfaceOrientationLandscapeRight</string>
        </array>
        <key>UISupportedInterfaceOrientations~ipad</key>
        <array>
            <string>UIInterfaceOrientationPortrait</string>
            <string>UIInterfaceOrientationPortraitUpsideDown</string>
            <string>UIInterfaceOrientationLandscapeLeft</string>
            <string>UIInterfaceOrientationLandscapeRight</string>
        </array>
    </dict>
    </plist>

but i still get a blank, albeit dark page when loading on a sim or device.

Im making the most basic of apps so that my brother can access his magic mirror when he is home to update it but i cant seem to see the local ip adress. Any help would be great.

Solution

  • Actually, the real problem is that ATS exception domains do not work with IP addresses. It only works with domain names.

    Options:

    Option 1 - disable ATS

    Turning off ATS altogether is a not a great idea if you are submitting your app to the app store - doing so will cause you to justify that decision if you wish to submit to the app store when Apple starts enforcing that rule. Normally I do not recommend this as an option on SO. However, considering that you are puttinga hard coded IP address in there, I suspect this is a single use app created for a particular use case, and you will not need to submit to Apple for review (you will probably be installing directly on a device using a development provisioning profile). If that's the case, I would just disable ATS entirely using the NSAllowsArbitraryLoads key in your Info.plist.

    enter image description here

    This will disable all ATS protections, but if your app is only communicating with the local network entity via HTTPS, App Transport Security wouldn't have been protecting anything anyway.

    Option 2 - use NSAllowsLocalNetworking

    If you put both NSAllowsArbitraryLoads and NSAllowsLocalNetworking in your Info.plist, in iOS 9, you will disable ATS entirely, but in iOS 10 (the first version that supported the NSAllowsLocalNetworking setting), iOS will ignore the NSAllowsArbitraryLoads and only disable ATS on local network calls. This would be more secure, but if you're ONLY making local networking calls, I would just disable ATS (Option 1).

    Option 3 - xip.io

    If you want to leave ATS on, others have had success using xip.io service to "convert" the local IP address to a domain name. So you would add xip.io to the Exception domains, set the subvalue for NSIncludesSubdomains to true. Then when you connect to your domain, instead of connecting to 192.168.0.40 you would connect to 192.168.0.40.xip.io