Improved ATS logs
When a cleartext HTTP load sneaks into your app (You don’t allow abritrary loads right?), CFNetwork, the networking library on iOS and macOS, gives you get this nice console message:
2017–08–27 14:08:11.589 MyApp[24489:5654631] App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.plist file.Helpful, but it only shows up once, and doesn’t tell you what the URL was.
We can make it a little more helpful by using an undocumented UserDefaults key: com.apple.cfnetwork.ats.loglevel to 2.
2017-08-27 14:09:31.125 MyApp[24508:5688634] The load of http://www.google.com/ is blocked by ATS policy.Now it logs every time a load is blocked and it includes the URL.
The easiest way to set this key is by editing your scheme (⌘<) and adding an item to Arguments Passed On Launch for the Run action.
Remember the syntax for UserDefaults passed as arguments is -key value .
Enter -com.apple.cfnetwork.ats.loglevel 2 like so:

Just remember that this key is not documented. I find it more useful than the default log message, while being much less verbose and easier to use than the full CFNetwork Diagnostic Logging.
I found myself coming back to this post for my own reference, so I’ll add some more tips.
If you want to set a breakpoint when an ATS violation occurs, there are many ways. If you look at CFNetwork.framework in Hopper you can locate the functions by first searching for the strings that get logged in the console.
One symbol I found useful to put a breakpoint on is:
StrictSecurityPolicy::logInsecureLoadFailure(__CFURL const*) const