App Transport Security Issue


#1

I am experiencing an issue in HubSpot where in our mobile iOS app when a user clicks on a link, the expected behavior is to open the webpage link which is running in HubSpot platform. However, the actual behavior right now is that, when a user clicks on that link, it throws an error:

Error Domain=NSURLErrorDomain Code=-1022 "The resource could not be loaded because the App Transport Security policy requires the use of a secure connection." UserInfo={NSLocalizedDescription=The resource could not be loaded because the App Transport Security policy requires the use of a secure connection., NSErrorFailingURLStringKey=http://www.paymaya.com/faq/?in_app=true, NSErrorFailingURLKey=http://www.paymaya.com/faq/?in_app=true, NSUnderlyingError=0x600001255030 {Error Domain=kCFErrorDomainCFNetwork Code=-1022 "(null)"}}

If you read the error log, it says there that it is trying to access the link: http://www.paymaya.com/faq which is live and working if accessed via browser, but is not working if accessed via iOS app. It seems like we cannot view the HubSpot page as webview in the iOS app. Please let me know if I need to configure something, or if there are changes needed on HubSpot's end.


#3

Hi @alponce,

This isn't caused by an issue on HubSpot's side. In short, your app's policy doesn't allow you to send users to an insecure HTTP link. Instead, you should use the HTTPS version of the URL. I see that http://www.paymaya.com/faq already 301 redirects to https://www.paymaya.com/faq; placing the HTTPS version as the destination in your app should resolve this issue.

Here are some related discussions I've found: