Home > Enterprise >  Universal link problem when using http protocol
Universal link problem when using http protocol

Time:11-25

I know that in Apple docs, they say this:

After you construct the association file, place it in your site’s .well-known directory. The file’s URL should match the following format:

https:///.well-known/apple-app-site-association You must host the file using https:// with a valid certificate and with no redirects.

Our site is not using https, but rather http, but apple-app-site-association file is hosted using https. That is achieved by:

  • using letsencrypt and certbot, which gives valid certificate
  • some nginx configuration so that all works

I am not a devops, so I don't know details about above, but if we go to ASAA validator (enter image description here

The apple-app-site-association file looks like this:

{
    "applinks": {
        "apps": [],
        "details": [
            {
                "appID": "com.xxx.MyApp",
                "paths": [ "/#/new-password/*", "/#/new-password/"]
            }
        ]
    }
}

In developer portal, I have enabled associated domains, and in Xcode, Associatied Domains-> Domains setting looks like this:

applinks:mysite.dev.com

Also in ApplicationDelegate I have implemented continueUserActivity method in AppDelegate, but it doesn't trigger, and when I click on a password reset link (from a mailtrap) my application doesn't open, but rather web link is opened (the site).

Link has this structure:

enter image description here

And the code would be like:

    <key>NSAppTransportSecurity</key>
    <dict>
        <key>NSAllowsArbitraryLoads</key>
        <true/>
        <key>NSTemporaryExceptionMinimumTLSVersion</key>
        <string>TLSv1.2</string>
    </dict>
  1. Clean and build the project and test your universal link using the HTTP protocol

If the before steps don't work, you could try to add exceptions for specific domains in your Info.plist:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSExceptionDomains</key>
    <dict>
        <key>mysite.dev.com</key>
        <dict>
            <key>NSIncludesSubdomains</key>
            <true/>
            <key>NSExceptionAllowsInsecureHTTPLoads</key>
            <true/>
            <key>NSExceptionRequiresForwardSecrecy</key>
            <true/>
            <key>NSExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
            <false/>
            <key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
            <true/>
            <key>NSThirdPartyExceptionMinimumTLSVersion</key>
            <string>TLSv1.2</string>
            <key>NSRequiresCertificateTransparency</key>
            <false/>
        </dict>
    </dict>
</dict>

The above is just experimentally, take in mind that if your app doesn't have a good reason to allow HTTP traffic it could be rejected by Apple, I share with you some interesting links:

https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33 https://developer.apple.com/videos/play/wwdc2015/703/ https://github.com/AFNetworking/AFNetworking/issues/2779#issuecomment-112030880

Regards!

  • Related