swift url uiwebview app-transport-security

Loading non-http URL request in app - App Store acceptable workarounds possible?


We know that Apple has implemented ATS beginning this year. However, when I open an app like Yelp, I am able to open up virtually every plain http URL in app; opening up a restaurant website, for instance. However, I was under the impression this was not allowed.

I wanted to ask, especially after looking at former SO questions (though many are from 2015): as small developers, are we able to implement this feature ourselves? Do we have the power to allow arbitraryLoads or NSTemporaryExceptionAllowsInsecureHTTPLoads in the Info.plist that would be allowed in the App Store review process?

Down vote if you must, but I'm looking for an answer from the community with experience.


Solution

  • The recommended way to do this is to load any arbitrary web content in an SFSafariViewController within your app. Content loaded in the SFSafariViewController is basically the same as running within Safari, and does not require all sites to conform to Apple's ATS requirements.

    Alternatively, if you need to use older components to load web content (e.g. WKWebView), there is an NSAllowsArbitraryLoadsInWebContent exception that you could use, but that is challenging, because that exception was only supported in iOS 10+, so if you support iOS 9 in your app, you have to do a weird combination of the NSAllowsArbitraryLoadsInWebContent and NSAllowsArbitraryLoads exceptions. This will cause you to provide justification to Apple due to the use of NSAllowsArbitraryLoads. At this point, I would recommend the SFSafariViewController route.
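The key combination described in the answer above can be checked mechanically. The following is an added example, not part of the original answer: a small Python audit that reports what an Info.plist's ATS block permits on iOS 9 versus iOS 10+. The sample plist is constructed, the function names are hypothetical, and the precedence rule (on iOS 10+ the presence of a scoped key makes the system ignore NSAllowsArbitraryLoads) is an assumption taken from Apple's ATS documentation rather than from this page.

```python
import plistlib

# Constructed sample: the iOS 9 + iOS 10 key combination from the answer.
SAMPLE_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>NSAppTransportSecurity</key>
  <dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
    <key>NSAllowsArbitraryLoadsInWebContent</key>
    <true/>
  </dict>
</dict>
</plist>"""

# Assumption (Apple ATS documentation): if any of these keys is present,
# iOS 10+ treats NSAllowsArbitraryLoads as NO.
SCOPED_KEYS = (
    "NSAllowsArbitraryLoadsInWebContent",
    "NSAllowsArbitraryLoadsForMedia",
    "NSAllowsLocalNetworking",
)


def _ats(plist_bytes):
    """Return the NSAppTransportSecurity dictionary, or {} if absent."""
    return plistlib.loads(plist_bytes).get("NSAppTransportSecurity", {})


def effective_ats(plist_bytes, ios_major):
    """Report whether plain HTTP is allowed app-wide and inside web views."""
    ats = _ats(plist_bytes)
    app_wide = bool(ats.get("NSAllowsArbitraryLoads", False))
    if ios_major >= 10:
        if any(key in ats for key in SCOPED_KEYS):
            app_wide = False  # the scoped key takes over
        in_web = app_wide or bool(
            ats.get("NSAllowsArbitraryLoadsInWebContent", False))
    else:
        # iOS 9 does not know the scoped key; only the app-wide flag applies.
        in_web = app_wide
    return {"app_wide_http": app_wide, "web_view_http": in_web}


def needs_justification(plist_bytes):
    """True when NSAllowsArbitraryLoads is set, which the answer says
    requires a justification to Apple."""
    return bool(_ats(plist_bytes).get("NSAllowsArbitraryLoads", False))


if __name__ == "__main__":
    for version in (9, 10):
        print(version, effective_ats(SAMPLE_PLIST, version))
    print("justification needed:", needs_justification(SAMPLE_PLIST))
```

With this combination, iOS 10+ confines plain HTTP to web views, while iOS 9 devices fall back to the app-wide exception for every connection the app makes, which is why the SFSafariViewController route avoids the problem entirely.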