Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/collaborne/cordova-plugin-except-aws-s3-from-ats
Cordova plugin that excepts access to S3 from App Transport Security (iOS9)
https://github.com/collaborne/cordova-plugin-except-aws-s3-from-ats
Last synced: about 2 months ago
JSON representation
Cordova plugin that excepts access to S3 from App Transport Security (iOS9)
- Host: GitHub
- URL: https://github.com/collaborne/cordova-plugin-except-aws-s3-from-ats
- Owner: Collaborne
- License: apache-2.0
- Created: 2015-10-09T09:37:57.000Z (about 9 years ago)
- Default Branch: master
- Last Pushed: 2017-02-16T08:23:46.000Z (almost 8 years ago)
- Last Synced: 2024-11-11T09:54:40.844Z (about 2 months ago)
- Size: 9.77 KB
- Stars: 2
- Watchers: 5
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# cordova-plugin-except-aws-s3-from-ats [![npm version](https://badge.fury.io/js/cordova-plugin-except-aws-s3-from-ats.svg)](http://badge.fury.io/js/cordova-plugin-except-aws-s3-from-ats)
Cordova plugin that excepts access to S3 from App Transport Security (iOS9)
## Background
iOS9 introduced strict transport security rules ([ATS](https://developer.apple.com/library/prerelease/ios/technotes/App-Transport-Security-Technote/)) which rejects the current AWS S3 certificates.
This blocks all access to AWS S3 from Cordova based apps built with the iOS9 SDK (Xcode 7). For example the following image won't load:
```html
```AWS recommends to except the S3 domain via the -Info.plist ([link](https://forums.aws.amazon.com/thread.jspa?threadID=215371)):
> Recent changes, per Apple's App Transport Security Technote, states using NSURLConnection, CFURL, or NSURLSession require TLS 1.2 and SHA256 (or > better) signed hash algorithms. S3 currently supports TLS 1.2. S3 endpoint certificates will continue to be based on SHA-1 until September 30th. We recommend specifying exceptions to the default ATS behavior by modifying the Info.plist file during the transition period. Later this year, when S3 SHA-256 certificates are deployed, we recommend testing and confirming your application works properly with the enabled ATS security settings.
>
> All current apps will continue to function just fine. This applies specifically to those that are compiled with the new SDK, Xcode 7.This plugin adds the required entry to -Info.plist.
## License
This software is licensed under the Apache 2 license, quoted below.
Copyright 2011-2015 Collaborne B.V.
Licensed under the Apache License, Version 2.0 (the "License"); you may not
use this file except in compliance with the License. You may obtain a copy of
the License athttp://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations under
the License.