Is a SSL certificate still needed in a Flutter webview?
We currently have an Angular web app created for an online ordering utility. But we want to create a native app out of it, and we wanted to use Flutter.
At first, though we just want to use a webview to show the existing Angular app through there.
The problem is, we wanted to do this because we also wanted to get rid of the need for an SSL certificate to access the app through a phone.
Is it still necessary to have an SSL certificate for a webview?
I imagine it is because it's still like accessing the webpage afterall, but I wanted to be sure.
By default, there is no option to bypass/ignore/proceed without SSL in webview_flutter and the flutter_webview_plugin has been almost deprecated and not updated for the last 2 years till this answer. but there is a solution available in webview_flutter.
It is recommended to use HTTPS calls only in Apps. Transport security was introduced in iOS 9.0, allowing only HTTPS calls from apps by default.
However, if you still want to allow all non-https calls - Add NSAppTransportSecurity (Dictionary) in Info.plist and Add a Subkey named NSAllowsArbitraryLoads with the boolean value YES. After the update, plist should look like
Method 1: In source code of info.plist file we can add that:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
Method 2: Or you can do it in Xcode
- Opened my Project target's info.plist file
- Added a Key called NSAppTransportSecurity as a Dictionary.
- Added a Subkey called NSAllowsArbitraryLoads as Boolean and set its value to YES as in the following image.
