HTTPS requirement for iOS apps, the new 2017 App Store policy explained


Edit: Apple decided to give developers additional time to prepare their apps to comply with the requirements of App Transport Security (ATS). Until a new deadline is confirmed, rest assured, you now know that our beautiful team is ready ;)

As of January 1st, 2017, the App Store will introduce a new requirement for all iOS apps. Developers will have to use HTTPS connections rather than HTTP for all app requests. If an app fails to comply with this new security feature, it will be mandatory to provide a justification upon the review of your app by Apple, or else, it will be rejected.
We chose December 28, 2016 as a deadline to make our final switch towards HTTPS, meaning that all GoodBarber iOS apps compiled beyond this date will not authorize HTTP requests any longer.

GoodBarber apps already rely on HTTPS for most of their communication with the GoodBarber servers, and these last few weeks, our team has worked on migrating the last few remaining HTTP URLs. However, the new App Store policy might still require that you run a check up of your beautiful app.

Again, if you are a GoodBarber user, our apps will now be designed to comply with the update, but if you fall under one of the specific cases below, we do recommend that you verify the secure protocol of your connections before compiling your app, for submissions and app updates alike:

1. If you have a Live audio / Live video / Live+ section installed, your feed must now be powered with a HTTPS URL

2. If you have a HTML / URL section, you should now enter a HTTPS address

3. If you embed a video iframe inside your content, use a HTTPS URL for the source

4. If you use a custom feed (within an Article, Photo, Video, Maps or Event section), check that all the external URLs present in the feed (such as images) comply with HTTPS

5. If you have a Plugin section, make sure all plugin network exchanges run with HTTPS

If you are not concerned by any of the above, the new App Store policy won’t impact your app.

If you find yourself in one of the situations listed above, just be careful to make the necessary HTTPS switch before committing an update of your iOS app and you’ll be good to go.