In terms of ATS (Application Transport Security), yes, this is a new requirement for all iOS 9 devices running applications created using Xcode 7.
https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote/
All connections using the NSURLConnection, CFURL, or NSURLSession APIs use the default behavior for the Transport Security application in applications built for iOS 9.0 or later, and OS X v10.11 or later. Connections that do not follow the requirements will fail.
BUT, your application may, if necessary, refuse the need to add exceptions to your Info.plist, at least until Apple changes this, assuming that in the future they will apply 100% compliance, perhaps iOS 10 release (?), maybe earlier (?) ...
Renouncement:
<key>NSAppTransportSecurity</key> <dict> <key>NSAllowsArbitraryLoads</key> <true/> </dict>
Via: Google Ads Developer: http://googleadsdeveloper.blogspot.ch/2015/08/handling-app-transport-security-in-ios-9.html
Note. You can use "nscurl -ats-diagnostics" by installing OS-X 10.11 to verify that ATS matches the URLs that your application will use. I would highly recommend doing this before the application (re), to ensure that you do not need to request exceptions through Info.plist.
Self-signed certificates will not work unless you add and trust the Signature Values data or disable ATS again using the Info.plist exception. Save the problem and just purchase a compatible SSL certificate.
Also, I am currently accessing web services via ipv4 address. Do I need to change it to ipv6?
No, your servers do not need to start IPv6, they should, but it depends on you and your hosting provider, as some mobile operators switched to IPv6 only because of the lack of IPv4 addresses, but, of course, they provide NAT translation to IPv4 .
But your HAS application must be IPv6 enabled / ready to work with these providers, otherwise you will receive a deviation from the application. I highly recommend reading the Apple doc .
Several situations may prevent an application from supporting IPv6, and they are rejected:
- IP address literals embedded in protocols. Many communication protocols, such as Session Initiation Protocol (SIP), File Transfer Protocol (FTP), WebSockets, and Peer-to-Peer Protocol (P2PP), include IP address messages in protocol messages. See Using High-Level Network Structures and do not use IP address literals.
- IP address literals embedded in configuration files. Configuration files often include IP literals. See the section “Do not use IP literals”. Preliminary check of a network. Many applications attempt to proactively verify an Internet connection or an active Wi-Fi connection by passing IP address literals to the network availability API.
- Using low-level network APIs. Some applications work directly with sockets and other network APIs such as gethostbyname, gethostbyname2 and inet_aton. These APIs are prone to misuse or only support IPv4, for example, resolving host names for the AF_INET address family, and not for the AF_UNSPEC address family.
- Using containers to store small addresses. Some applications and network libraries use containers for storing addresses, such as uint32_t, in_addr and sockaddr_in — 32 bits or less.
See more details and workarounds for the above items: https://developer.apple.com/library/prerelease/ios/documentation/NetworkingInternetWeb/Conceptual/NetworkingOverview/UnderstandingandPreparingfortheIPv6Transition/UnderstandingandPreparingfortheIPv6mltredhtfduppht_dumpth_documentation / TP40010220-CH213-SW1