Idea - App Transport Security - IOS

App Transport Security - IOS

New

Mobile

Hi Team,

I have checked the iOS Info.plist file, and by default, the property NSAllowsArbitraryLoads is set to true. Currently, this value cannot be overridden.

While I understand that we can configure and enforce HTTPS connections at the server level, this property setting goes against iOS’s default security best practices. Moreover, when publishing the app to the App Store, we need to provide justification for having NSAllowsArbitraryLoads = true.

I would like to suggest the following:

Provide an option in the Extensibility Configurations to set NSAllowsArbitraryLoads to false, or
Set this property to false by default, allowing developers to define their own approved domains (as explained in the documentation).

This will help align the app with Apple’s recommended security standards and simplify the App Store review process.

Reference: 🔗 https://developer.apple.com/documentation/bundleresources/information-property-list/nsapptransportsecurity/nsallowsarbitraryloads

02 Nov 2025

Daniël Kuhlmann

MVP

Does this help you?
https://www.outsystems.com/forums/discussion/49509/apple-app-transport-security-ats/

03 Nov 2025

Vignesh Sekar

I already gone through this steps and still when build time cordova overwrite this ! from my side i am already tried more steps but i cant able to overwrite this property

03 Nov 2025