Improved ATS logs

Ashton Williams
Aug 27, 2017 · 2 min read

When a cleartext HTTP load sneaks into your app (You don’t allow abritrary loads right?), CFNetwork, the networking library on iOS and macOS, gives you get this nice console message:

2017–08–27 14:08:11.589 MyApp[24489:5654631] App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app’s Info.plist file.

Helpful, but it only shows up once, and doesn’t tell you what the URL was.

We can make it a little more helpful by using an undocumented UserDefaults key: com.apple.cfnetwork.ats.loglevel to 2.

2017-08-27 14:09:31.125 MyApp[24508:5688634] The load of http://www.google.com/ is blocked by ATS policy.

Now it logs every time a load is blocked and it includes the URL.

The easiest way to set this key is by editing your scheme (⌘<) and adding an item to Arguments Passed On Launch for the Run action.
Remember the syntax for UserDefaults passed as arguments is -key value .

Enter -com.apple.cfnetwork.ats.loglevel 2 like so:

Adding the UserDefault to a Schemes Run action arguments.

Just remember that this key is not documented. I find it more useful than the default log message, while being much less verbose and easier to use than the full CFNetwork Diagnostic Logging.


I found myself coming back to this post for my own reference, so I’ll add some more tips.

If you want to set a breakpoint when an ATS violation occurs, there are many ways. If you look at CFNetwork.framework in Hopper you can locate the functions by first searching for the strings that get logged in the console.

One symbol I found useful to put a breakpoint on is:

StrictSecurityPolicy::logInsecureLoadFailure(__CFURL const*) const

)
Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade