I'm upgrading an iOS app to iOS 9, and I have some URLs that are not secure, and I need a few exceptions to App Transport Security. I've added the two that I know about, but there are some warnings happening now stating:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
Editor Note: @jessedc points out in the comments below the link to the official Apple documentation on how to do this: https://developer.apple.com/library/mac/qa/qa1887/_index.html
Okay, I have an answer I don't like! I still very much want a better one.
application:didFinishLaunchingWithOptions: method I added the line
setenv("CFNETWORK_DIAGNOSTICS", "3", 1);
When I ran the app then, in the log I can find an entry that looks like this:
2015-07-02 15:27:56.152 MyApp[45041:9125662] CFNetwork diagnostics log file created at: /Users/micah.hainline/Library/Developer/CoreSimulator/Devices/ 11BCA581-5F5F-494D-932A-2ECFCA33EA93/data/Containers/Data/Application/ 9ACC6941-8039-4B86-B5E8-A6C66E2AD520/Library/Logs/CrashReporter/CFNetwork_com .myapp.MyApp_45041.nwlrb.log
When I open that file I have a huge number of log entries about everything that's happened on the network. I search for
kCFErrorDomainCFNetwork in that file and get logs for failed network requests. I can use that to see what URLs the system was trying to hit, and then can add that URL to the exceptions for App Transport Security.