
Behind the Design: Carrot Weather

Image of app turning into sun with carrot weather-themed clouds and graphics on a black background

Generally speaking, weather apps don’t threaten your life.

They don’t insult your life choices. They don’t tell you that the sun makes your skin look, and we’re quoting here, “like curdled oatmeal.” And they rarely, if ever, try to conquer the world.

Carrot Weather does all three — pretty much on a daily basis. But that’s not the most interesting thing about the meteorological marvel created by mild-mannered Philadelphia native Brian Mueller. Prior to launch, Mueller had no background in development, less background in meteorology, and frankly seems way too nice to have won an Apple Design Award with an app that routinely calls those who use it “meatbags.”

No, the most interesting thing is this: Underneath his humble (and objectively non-murderous) exterior, Mueller knew that meme-worthy jokes wouldn’t be enough — Carrot had to be a best-in-class weather app, too.

iPhone images of Carrot Weather’s light and dark modes

“There are basically two apps here,” says Mueller, who codes, designs, illustrates, and writes the (often real-time) gags himself. “One is an entertainment app — something you want to open apart from learning about temperatures and conditions. The other is a professional weather app. I wanted both.”

He got them. Carrot Weather presents its meteorological metrics — humidity, UV index, and sunrise and sunset — in splashy, colorful screens that match its acerbic voice. (“Does the sun really think he can hide? We see you behind those clouds, stupid star.”) The app is available for iPhone, iPad, Apple Watch, and Apple TV. And earlier in 2021, Mueller released an update that lets users customize Carrot however they please, creating, in essence, a “Choose Your Own Weather App” experience (albeit one that occasionally threatens you with scary clowns).

*Carrot Weather*’s creator, Brian Mueller


It’s a long way to go for a guy who started developing on the side seven years ago while pursuing a full-time career as — not entirely surprisingly — a screenwriter. “I’m an English major with a creative writing minor,” Mueller says. “I love to write and create characters and tell stories, but I had no real idea of what I would do with my life.” He found the idea of apps intriguing, but had no experience to draw from. “I figured if I was going to build an app, I’d just hire someone to do it for me,” he says. “I got a book on iOS development, mostly so I could flip through the vocabulary and not sound like a complete idiot. But it wasn’t anywhere near as over my head as I thought, so I just started building.”

In a matter of months, Mueller had his first title, a to-do list app called Grailr whose mascots were an Indiana Jones-type character and his cartoon dog sidekick. “The dog’s name was Sir Waffles, and he had a top hat and monocle,” Mueller laughs. “I liked him. But it was way too hard for me to animate a cartoon dog.”

Instead, he popped into Photoshop, drew a simple pattern of three circles, and then began playing around with animation, eventually landing on a nefarious-looking pulsing red light drawn straight from the HAL and GLaDOS school of evil sentient robots. “There was no genius idea,” he says. “That was basically the extent of what I could do in Core Animation in iOS at the time.”

Vector image of stick figure holding computerized umbrella in rain

This necessity became Carrot’s look. Her dark, devious personality, however, comes from those closest to Mueller: his mom, sister, and wife — all of whom tease one another relentlessly. (Sister Beth, for instance, commemorated Carrot’s Apple Design Award win by emailing him the following: “You’re probably getting lots of congratulatory messages, so I just wanted to remind you that you are the worst.”)

“A lot of the dialogue for Carrot is drawn out of stuff that we’ve actually said to each other,” he says. “Every time my wife says something funny, I write it down. Sometimes she gets annoyed by that, but she’s a lot funnier than I am.”

With his robot ready, Mueller began releasing a series of apps — Carrot To-Do, Carrot Fit — all with the same distinct approach to motivation. His to-do list yells when you fail to complete a task. His alarm clock mocks you for sleeping in. His fitness app shames you for slacking off.

Weather was a logical next step. Carrot Weather began strictly as an entertainment app — one that leaned in entirely on Mueller’s digital doppelganger. “It was a cool, gimmicky kind of thing, and people liked it,” he says. But over time, people started asking for more metrics: cloud cover, wind speed, pressure. Data, data, and more data. “I’d spend an hour or so sketching and figuring out how to fit things in,” he says. “That’s how I started learning how to solve design challenges.”

Early sketches of Carrot Weather’s ocular sensor and weather readouts

The inaugural version of Carrot Weather focused almost entirely on the current temperature; the second version began to dig in on forecast, radar, and notifications. But its next redesign was a big one: The 2017 model brought Carrot to Apple Watch, which Mueller says was the “turning point” in transitioning the app into something more than a repository of jokes.

“I couldn’t really have long jokes on the Watch, so I had to focus on making a really good weather app,” he says. “I started over from scratch. I tried to use all of the hardware features built into the Watch as much as possible to abstract away a lot of what would normally be visual in the interface on the iPhone.”

Mueller focused the experience on a few key data points and used color to communicate weather conditions so that people could quickly get a sense of their forecast. From there, he worked in reverse, bringing his favorite features back into the iPhone and iPad app.

Vector image of a cow caught in a tornado

Today, the Carrot universe comprises seven iOS apps and an iOS sticker pack, as well as Apple Watch, Apple TV, and Mac versions of Carrot Weather. The app now offers a fully customizable interface for those who want to craft their perfect weather app. You can record customizable weather reports replete with sassy teleprompter dialogue, or have Carrot taunt you in augmented reality. (She turns red if you annoy her. You’ll probably annoy her.)

There have been upgrades on the sarcastic side too: Mueller regularly updates the app’s text, which means he can respond to current events — everything from political headlines to console releases — within minutes. “People are tweeting me all the time how they get their news from a weather app,” he laughs.

And yes, if so moved, you can even mitigate the darker sides of Carrot’s personality. “I wanted an option for people who were more interested in the cool professional features — or maybe for the people who don’t want the ‘Oh, Carrot wants to kill you,’ kind of thing,” he laughs. “Even if you turn off the personality completely, you’ll still get the fun animations and features.”

Carrot weather’s main screen on Mac

For all his success, Mueller remains humble about (and even a little bemused by) all this attention. His design process, he jokes, isn’t as formal as many of his Apple Design Award-winning peers — it’s “basically throwing a bunch of stuff on a screen until I don’t think it’s hideous.”

Even so, it’s that singular focus and care (and dash of self-deprecation) that makes Carrot stand out. Mueller’s constant iteration and exploration — whether he’s iterating on interface designs, supporting new API, or crafting a late-breaking joke — keep the app fresh and entertaining long after you’ve checked the day’s weather.


Learn more about Carrot Weather

Download CARROT Weather from the App Store

Bringing CARROT Weather to Apple Watch


Developer Spotlight: Ladder

Photo of the developers of Ladder on a collage.

Ladder is a self-care and mindfulness app built for the Black, Indigenous, and people of color (BIPOC) community — or, as founder Don Le puts it, “people like us.”

The app helps you establish positive, productive daily routines to reduce anxiety, improve your sleep, amp up your physical activity, and more. The Ladder difference: Its trainers, coaches, and experts are all from the BIPOC community. “It’s not often that most — or in our case, all — of the voices in an app are people of color,” says Le, who founded Ladder with Thuc Tran.

Build better habits by keeping track of your streaks and filling in that pleasingly color-coded chart.


We caught up with Le to discuss the benefits of bugs, the virtues of journaling, and diversity in the self-care space.

Were you into mindfulness and self-care before launching Ladder?
My background was in investing — I used to work at a growth equity firm. But the idea for Ladder came from my own journey. I was getting burned out, so I started looking for tools to get out of the rut I was in. I began meditating and journaling, then realized I could find ways to not just share what I’d learned but also make it more accessible.

What were your first steps?
I started going to mental health conferences and local support groups. There I saw how people often didn’t have access to — or couldn’t afford — traditional mental health care tools. Or they went through the process and felt it just didn’t work for them.

Did you design Ladder for a BIPOC audience from the outset?
We did. As I started digging more into the research, I came across some pretty crazy stats: Over 85 percent of psychologists working in the U.S. are white, and the remaining 10 percent are split between Black, Hispanic, Indigenous, and others. You look at the mindfulness and mental health apps out there and they are predominantly white too. When we reached out to wellness experts and content producers, they’d tell us they felt the lack of diversity — that the audience they were reaching wasn’t as diverse as they’d have liked. So the next step for us was expanding that library of trainers even more.

Which of the features you’ve built were you most surprised to see resonate with customers?
Early on, our users were tracking their habits and building healthier ones. But as the app progressed, we saw people really caring more about the daily check-in. Being able to log emotions and journal their thoughts became the most important feature for many people. We don’t know if that’s COVID-related or a natural progression, but it’s become our most winning feature.

What advice do you have for developers just starting out?
Direct-to-consumer apps are notoriously brutal; it can be really hard to find a market fit. So talk to users. Talk to them more than you think you need to. Get in a feedback loop as soon as you can. You’ll really come to understand how people are using your app. They might see things that you might not see as very important.


Download Ladder from the App Store

Learn more about the App Store Small Business Program


Developer Spotlight: Noted

Photo of the developers of Noted on a collage.

Four years ago, Noted cofounders Terenze Yuen and Fai Tung came out of an hours-long client meeting with two things: a very lengthy recording and a total lack of enthusiasm for transcribing it. “You can imagine the pain,” Yuen says.

Happily, that pain inspired the pair to create Noted, a recording app that lets you add text annotations and hashtags to your recordings as you’re making them. After you tap the big red button, anything you type — “launch update,” “convoluted calculus formula,” “funniest quote of the interview” — is automatically time-stamped.

With its mix of audio and text, *Noted* is one of the most powerful note-taking apps in the galaxy.


We caught up with Yuen to talk about his app’s growth, Michelle Obama’s inspiring words at the Apple Worldwide Developers Conference (WWDC), and the challenge of getting artificial intelligence to understand silence.

You’ve said you and your cofounder were inspired by a very long meeting…
We were! When we came out, he said, “Do you remember the time they mentioned this and that?” I sent him the recording, but neither of us could remember the timeline. We thought, “Why can’t we marry note-taking and audio recording, so when someone asks for that time, you can tap back to a hashtag?” That was the core of the idea.

After you launched, where did you see Noted used most?
Classes and meetings. We got a lot of images from users in lecture halls and conferences, including WWDC. Journalists use it all the time; songwriters use it to write lyrics and play them back.

Add time stamps and hashtags to key moments in your recordings.


What surprised you about how people were using Noted?
One thing was hearing from users who are blind. Then, in 2017, we heard Michelle Obama talk at WWDC about imagining someone, somewhere, whom you could lift up with your work. I asked myself, “Are we really building for everyone? Are we doing all that we can?” I realized we had room to improve. We started integrating VoiceOver, then worked with blind people to improve that. A teacher at a school in New Zealand reached out to help her kids take notes during class. This is something that touches our hearts.

Noted can automatically skip over long silences in your recordings. How did you create that feature?
We got a lot of suggestions from people who were in lectures all day. Their recordings were three or four hours long because they forgot to stop recording when there was a break, and they’d have to scrub through those 30 minutes or whatever it was. So we put our thinking caps on and looked into machine learning. We struggled with that! But when Core ML released, one of our guys sat down and went through thousands of hours of audio to train it. We knew it was doable.

What advice would you give to developers who are just starting out?
You can’t do everything yourself. One person isn’t a symphony — you need everyone to play. When your app gets out the door, that’s the start of the whole thing, not the end. You need people in customer support. You need people in design. You need marketing people, you need engineers. You need different types of people to do distinct things.


Download Noted from the App Store

Learn more about the App Store Small Business Program


Tax Category Setting Now Available in App Store Connect

The App Store makes it easy for you to manage transactions in 175 territories, and Apple administers tax on behalf of developers in 64 of those territories. Now App Store Connect provides the ability to assign tax categories to your apps and in-app purchases. These categories are based on your app’s content (for example, videos, books, or news publications) and determine which tax regulations apply in each territory, allowing Apple to administer tax for you at specific rates.

To assign categories, visit the Pricing and Availability section for your app in App Store Connect. If a category applies to your app, select it at the app level to apply it to the app and its associated in-app purchases. You can also manage each in-app purchase individually. Your selections will be applied to future transactions. If you choose not to make any changes, your apps and in-app purchases will be assigned the App Store software category at the same tax rate used today. Adjust these settings at any time as the characterization of your apps or in-app purchases evolve or as tax legislation changes.

Learn more about setting tax categories

Updated on June 17, 2022


Behind the Design: Loóna

Illustration of books, birds, and lanterns shining out from an app icon

Andrew Yanchurevich’s inspiration for Loóna came, appropriately enough, at night-night time.

As a father of a 3-year-old son, Yanchurevich was well in the habit of reading bedtime stories nearly every night. One evening, he realized his son wasn’t the only one getting drowsy. “What worked well for him was also working for me,” says Yanchurevich. “As I read, I forgot about my thoughts and my plans. My mind came down.”

While that night brought Yanchurevich pleasant drowsiness, it also sparked the beginnings of an idea: an app that paired the beauty of a great bedtime story with soothing interactive experiences to help you drift off to dreamland. Together with co-founder and former product designer Eugene Nevgen, they dreamt up a product as gorgeous as it is effective: Loóna.

Drawing of child playing in playroom

The app winds you down with “sleepscapes,” interactive episodes designed to soothe your mind at the end of your day. “People use their phones at bedtimes, so we wanted to give them a more meaningful way to do it,” Yanchurevich says. “You can spend 20 or 30 minutes with Loóna and be ready to fall asleep.”

The idea, as Yanchurevich says, is to “recreate this safe bubble from your childhood,” just as he was doing for his son. In the introductory sleepscape “The Dragon’s Shrine,” you’ll explore a beautifully rendered marble pagoda while an appropriately mellifluous voice guides you through calming tasks. As you progress through sleepscapes, you’ll lose yourself in a fairytale kingdom, explore a dark forest, or simply cozy up to a crackling fire.

Co-founder Nevgen says his goal with Loóna wasn’t just to build a great mindfulness app, but to create “the most beautiful in the category.” That’s turned out to be a big job: There are more than 55 sleepscapes in the app, each of which took some 500 hours to build.


Luckily, the minds behind Loóna had a unique blend of skill sets. Nevgen and Yanchurevich are former product designers; co-founder Sergey Gonchar is a veteran engineer (along with Nevgen, he launched the now-defunct face-filter app MSQRD); co-founder Dmitri Doryn has a background in 3D graphics and training as an architect; and sound designer Ivan Senkevich has a long history in audio.

Sleepscape ideas range from esoteric notions like “the light of hope” or “the luminous realm” to something more concrete, like a Parisian park or a throwback Brooklyn. A bustling New York city may not be exactly the first thing that comes to mind when you think of a relaxing place. “Generally, people expect to see rainbows or forests in an app that promotes relaxation and sleep,” says Loóna CPO Mike Chernetsov, who leads the writing team. “Here you’ve got an old city building in the late evening.”

But part of the team’s goal is expanding the idea of what a relaxing place can be. “We don’t want to just do stereotypical places,” Chernetsov says. “Sometimes, we want to show places from a totally different perspective. If you look (at ‘Heartwarming Brooklyn’), it refers to a feeling that resonates with everyone: nostalgia. When we’re not feeling good, we all want a place to escape to, a moment where we can feel safe and secure. And from a visual standpoint, Brooklyn is really very soothing.”

Conference room containing the minds behind loona

Yanchurevich says the Brooklyn sleepscape is also easily one of the app’s most popular. “People have messaged us wanting the address to the building,” he says. “They want to grab a pizza in that cafe.”

Every soundscape the team creates involves this level of exploration and storytelling. While co-founder Doryn gets to work drafting a 3D model of the potential world, Chernetsov and the writing team are focused on exploring the narrative: What would bring you to this place? What would you do there? What sort of meditative activities would keep you the right level of engaged? It’s not storytelling in the traditional sense, but the writers do have an advantage: they can plunge into Doryn’s early sketches themselves to, as he says, “fly around the scene to finish the story.”


While the story is coming together, the app’s team of musicians and sound designers also get to work laying the sleepy sonic groundwork, much of which is recorded live in the team’s hometown of Minsk, Belarus. “I often come into my village to record,” says Senkevich. “The region has a great natural sound.”

To create the appropriately somnolent aural environment, Senkevich often hits the road in search of animal noises, breezy forests, babbling rivers, and the buzz of insect life. “Some of the sleepscapes are more cartoonish and some more realistic. But we always try to show that natural-ness of the sound.” (Some sounds, he notes, did come from libraries. “You can’t record the sea in Minsk,” Senkevich says with a laugh.)

Still, at the end of the day (well, the night), Loóna’s goal is to get you to turn the app off. The key is to strike an artful balance between meditative activity and relaxation; if a sleepscape is working, you’ll shut it down well before you’re finished (which is OK, you can pick it up tomorrow night). Doryn says that finding that tightrope-sized balance is not always easy.

In progress sketches

“It’s an iterative process,” Doryn says, “and sometimes we do go too far. Our animation team always wants to do more. Something more beautiful, something more glowy and shiny and with lots of jiggling wiggling stuff in the scene,” he laughs.

To find that balance, Loóna trusts their team of testers, who interact, color, unpack, and play with each soundscape to make sure the worlds help lull their participants without distracting them. A sleepscape called The Rusty Rooster Inn, for example, initially featured dozens of roof tiles that needed to be individually lit; their testers found it too much, however, so the Loóna team went back to grouping tiles together.

Illustrator sketching a soundscape of Loona

Finding that balance, Doryn says, is a constant job. “There’s no simple recipe, no silver bullet,” he says. “It’s all responding to user feedback. We’re constantly running tiny surveys, and always improving things from a technical and performance standpoint.”

With nearly 100 more sleepscapes in the works, Loóna is growing fast. From a creative standpoint, the team is working to craft an interconnected “Loóna universe,” where elements, themes, and even Easter eggs pop up across the app’s bank of sleepscapes. “We want to offer a journey to a whole universe of interconnected worlds,” says Chernetsov. “We want you to find a place where you’ll feel safe and secure, every night.”

Learn more about Loona

Download Loona from the App Store


Developer Spotlight: CHANI

Collage of CHANI developers on a pink background.

In the universe of astrology, Chani Nicholas is a shining star — she has a New York Times best-seller (You Were Born for This: Astrology for Radical Self-Acceptance), a massive and devoted podcast audience, and a huge social media following.

With Chani, Nicholas says, she wanted to provide an experience only an app could, by “creating a personalized guide through life’s ups and downs.”

If you’re accustomed to reading astrology in short blurbs, Chani will be a revelation: Extensive horoscopes and birth charts deliver insights based on your birth date and time, and the current position of every planet (and Pluto).

There’s more to *Chani* than (really comprehensive) horoscopes. Guided meditations, journal prompts, and more are core to the experience.


Equally important to Nicholas are the app’s social justice initiatives: Chani was built by AnnieCannons, a queer-led development group whose engineers are predominantly survivors of human trafficking or gender-based violence. And 5 percent of the app’s revenue goes to survivors of gender-based violence through FreeFrom.org, an organization run by Nicholas’ wife, Sonya Passi, who also serves as CEO of Chani Nicholas Inc.

We caught up with Nicholas and Passi to discuss the importance of creating a dialogue with your chart, and how all Geminis aren’t the same.

Why did you decide to develop an app?

Nicholas: I’ve taught workshops online for the past six years; they were really successful, but they were delivered in a fairly archaic way. Building an app seemed like the most organic thing to do next.

Passi: It was important for us to make this system of knowledge extremely accessible. We talk about the app being the blueprint of your life in the palm of your hand. But we don’t want to just give your horoscope in tidbits; we want to give you the tools to be in a constant dialogue with your own chart.

The app is full of very specific, personalized information. Who provides all the content?

Nicholas: Every single word is written by me and a team of astrologers who have years, if not decades, of experience. And the planets never stop moving! Whatever you write is gone by the end of the week.

The app includes workshops designed to bring you into a closer relationship with your chart.


What has the response been like?

Nicholas: What I note from people is how it’s become a ritual: listening to the podcast, doing the workshops, checking in. It’s evolving in a way where people are making it part of their self-care; there’s such community participation. On Sundays and Mondays, people post a lot of weekend pictures of themselves in the bath to social media. I hope their devices are OK!

What were the early days like after you launched the app?

Passi: I must have answered about 1,200 customer service emails! We’ll look back on that time with turned stomachs and tremendous fondness, because that’s the beauty of it, right? The struggle and the success, seeing it all come together and remembering what you did to get it there. Now — and I’m certain a lot of app developers feel the same way — the ideas are coming faster than we can build.

What can astrology mean to the world today?

Nicholas: It really can feel empowering to know things about yourself, but it’s also about having a relationship with the story. People whose sign is, say, Gemini — the world tells them what they are, based on that. But obviously, everybody with the Gemini sign is very, very different. I wanted to subvert things and have you be more on the inside of your chart.

Passi: I didn’t know a lot about astrology before Chani and I met. Once I did learn, it felt like my life began. My healing journey began. My acceptance of who I am and what I’m here to do began. It’s important to me that everyone can have that.


Learn more about CHANI on the App Store

Learn more about the App Store Small Business Program


Developer Spotlight: Cone

As a student in India, Kushagra Agarwal’s favorite subject had always been art, until he started having difficulty identifying the color brown. By sixth grade, dark green, red, and brown became almost indistinguishable to him.

As he grew older, Agarwal was disappointed by the lack of tools for people with color-blindness, so he got to work: Coding with Swift, he built the app Cone, which uses the iPhone or iPad’s camera—and Apple’s AVFoundation framework—to identify colors in photos or any environment.

Agarwal designed *Cone* to serve as a guide for those with color-blindness.


The App Store spoke to Agarwal about color temperatures, the design world, and picking ripe mangoes.

What inspired you to create Cone?
There were other options for color-blind people, but they never worked reliably for me. Some would read only limited hues. Some would read only the color of the exact pixel you were pointing to, which would result in inaccuracies. Individual pixels never tell the whole story—the colors you see, especially in high-resolution photos, are an average of all the colors in a small area.

When did you realize you were onto something?
I’d heard it’s possible to tell if a mango is ripe by its color. I could never do that because I have a hard time differentiating between yellow-orange and green. So one day I had the app look at a few mangoes in the kitchen and found some of them were green! To my eyes, they were different shades of the same color, but Cone told me the real story. I still use Cone to identify ripe mangoes!

What was the early response to your app?
Initially, people—mostly from Reddit’s r/colorblind community—were skeptical about Cone’s accuracy, mainly because of two problems in existing apps: inaccurate color readings in different lighting conditions and the tendency for apps to read only a single pixel value. I introduced a color-temperature control so Cone could read colors accurately in different lighting conditions. I also had Cone read every color around a point and show the average result. People enjoyed this attention to detail.

How has Cone evolved since launch?
Before Cone was released to the public, it was a simple color-identification tool for personal use. Once I started polishing it for release, I figured out another use case that would help me as a designer: the ability to store and manage colors in a library. So over time, Cone evolved to be a utility for designers. It’s now used by UI designers, interior designers, graphic designers, print designers, and more.

The app has become an invaluable tool for many people. What has it meant for you?
Now I make fewer mistakes seeing colors, so I am able to always wear matching clothes!


Learn more about Cone on the App Store

Learn more about the App Store Small Business Program


Fine-tune your App Transport Security settings

Padlock symbol badged with a globe symbol

At Apple, we believe privacy is a fundamental human right. When people connect to a public Wi-Fi hotspot, they expect to use your app to send and receive data without worrying that someone in the vicinity could intercept their connection and gain access to unencrypted data. Allowing even seemingly-innocuous data to remain unencrypted can expose people to snooping and fingerprinting by anyone on the network.

Transport Layer Security (TLS) uses encryption to protect connections from prying eyes, and URLSession provides strong TLS connections by default with App Transport Security (ATS).

If you need to connect to older servers that don’t support TLS, however, you can now add ATS exceptions to your app. Ideally, exceptions should just carve out the specific domains or frameworks that make insecure connections, and you should limit any exceptions you do request. Avoid sending data unencrypted except when absolutely necessary for your app to function.

Identify necessary ATS exceptions

To make sure your app — and the data used within it — is as secure as possible, it’s important to identify whether your app is currently making insecure connections.

To check, disable all your active ATS exceptions by setting their values in your Info.plist to “NO.” From there, open your app or run your unit tests. If your app makes an insecure connection, Xcode will generate runtime errors for each one.

If your app is generating insecure connections, there are a few steps you can take to remove them.

Secure your servers

If your app connects to servers you control, make sure those servers support secure connections. This requires a TLS certificate. If you use a hosting service, check whether they offer certificates, and make sure those certificates meet the requirements detailed in “Preventing Insecure Network Connections.”

Preventing Insecure Network Connections

Use HTTPS

If your app connects to servers you don’t control, you should always attempt to connect to those servers over HTTPS instead of HTTP. You can identify whether a server supports HTTPS by simply changing “http://” to “https://” in your URL string and trying to load data from that website. You can check this manually in a browser, or run code as follows:

// example.com is a placeholder; substitute the server you want to check.
let request = URLRequest(url: URL(string: "https://example.com")!)

Many websites redirect HTTP connections to HTTPS. Connecting over HTTPS first can often improve the performance of your app. Note, however, that while a website may use HTTPS, that doesn’t mean it’s ATS-compatible. For instance, it may be using an outdated version of TLS, which, on Safari, displays a “This Connection Is Not Private” warning.

Remove unnecessary exceptions

On websites where you no longer receive ATS runtime errors, you can remove those exceptions. Locate “App Transport Security Settings” in your Info.plist and click the “-” icon to remove the exceptions in question.

Configure exception domains

If your app still needs to make insecure connections to specific domains, you can configure ATS exceptions for just those domains.

  • Add Exception Domains directly to your app’s Info.plist or in the project editor. Navigate to “Signing & Capabilities” and choose the “+ Capability” option.
  • Select “App Transport Security Exception” from the list.
  • This will add an “App Transport Security Exception” section to your capabilities.
  • Click the “+” icon to add domains that your app needs to connect to insecurely.
  • Enter a domain here to connect over HTTP to that domain and its subdomains. If you need to alter these settings, you can make changes directly in your Info.plist.

Configure framework and class exceptions

On rare occasion, you still may need to make an insecure connection to an unknown domain. In this case, there are two broader exceptions you can consider offering.

  • If your app needs to make insecure connections through WKWebView, add “Allows Arbitrary Loads In Web Content” to your Info.plist.
  • If your app needs to make insecure connections through AVFoundation, add “Allows Arbitrary Loads for Media.”

These exceptions will ensure that your app only makes insecure connections via AVFoundation or WKWebView, leaving the rest of your app protected by ATS. Because these are relatively broad exceptions, however, they will allow every part of your app that uses AVFoundation or WKWebView to make insecure connections, which can be intercepted and inspected.

Keep your app secure

People want to trust your app, and ATS can help you build that trust by handling their data responsibly while in transit. To get the most out of ATS:

  • Make sure that your app connects to servers over HTTPS instead of HTTP.
  • Tailor your ATS exceptions to your app as closely as possible.
  • Periodically review your exceptions to check whether servers have started supporting HTTPS or your app no longer needs to make insecure connections to those servers.

Resources

Networking with NSURLSession

Learn about App Transport Security, HTTP/2 protocol support, new NSURLSession API, and best practices for networking in apps, extensions, and WatchKit apps.

NSAppTransportSecurity

Preventing Insecure Network Connections

NSExceptionDomains

NSAllowsArbitraryLoadsForMedia

NSAllowsArbitraryLoadsInWebContent

WKWebView

Learn more about App Transport Security on the Developer Forums


Best of WWDC21

Explore Xcode Cloud workflows

Learn how Xcode Cloud workflows can help you and your team automate building, analyzing, testing, archiving, and distributing your apps and frameworks. They are flexible, extensible, and can be configured around your team’s development and distribution process. Find out the basics of Xcode Cloud…