Merge pull request #68 from aclev/removedATSExceptions

removed the ATS Exceptions
OneDrive · Dec 8, 2015 · a89f45a · a89f45a
2 parents bc921cb + d43a731
commit a89f45a
Show file tree

Hide file tree

Showing 3 changed files with 2 additions and 95 deletions.
diff --git a/Examples/iOSExplorer/iOSExplorer.xcodeproj/project.pbxproj b/Examples/iOSExplorer/iOSExplorer.xcodeproj/project.pbxproj
@@ -18,8 +18,8 @@
 		106DAB3E1AF82E77001FF917 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 106DAB3A1AF82E77001FF917 /* Main.storyboard */; };
 		106DAB3F1AF82E77001FF917 /* Images.xcassets in Resources */ = {isa = PBXBuildFile; fileRef = 106DAB3C1AF82E77001FF917 /* Images.xcassets */; };
 		51037E9C92F08CDC45500AAD /* libPods-iOSExplorer.a in Frameworks */ = {isa = PBXBuildFile; fileRef = D3DFCFC19ED153A38DAF7A55 /* libPods-iOSExplorer.a */; };
-		96DEE06E1BC5E4F700F02AF8 /* LaunchScreen.xib in Resources */ = {isa = PBXBuildFile; fileRef = 96DEE06A1BC5E4F700F02AF8 /* LaunchScreen.xib */; settings = {ASSET_TAGS = (); }; };
-		96DEE06F1BC5E4F700F02AF8 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 96DEE06C1BC5E4F700F02AF8 /* Main.storyboard */; settings = {ASSET_TAGS = (); }; };
+		96DEE06E1BC5E4F700F02AF8 /* LaunchScreen.xib in Resources */ = {isa = PBXBuildFile; fileRef = 96DEE06A1BC5E4F700F02AF8 /* LaunchScreen.xib */; };
+		96DEE06F1BC5E4F700F02AF8 /* Main.storyboard in Resources */ = {isa = PBXBuildFile; fileRef = 96DEE06C1BC5E4F700F02AF8 /* Main.storyboard */; };
 /* End PBXBuildFile section */
 
 /* Begin PBXCopyFilesBuildPhase section */

diff --git a/Examples/iOSExplorer/iOSExplorer/Info.plist b/Examples/iOSExplorer/iOSExplorer/Info.plist
@@ -22,39 +22,6 @@
 	<string>1</string>
 	<key>LSRequiresIPhoneOS</key>
 	<true/>
-	<key>NSAppTransportSecurity</key>
-	<dict>
-		<key>NSExceptionDomains</key>
-		<dict>
-			<key>NSExceptionRequiresForwardSecrecy</key>
-			<false/>
-			<key>NSIncludeSubdomains</key>
-			<true/>
-			<key>login.live.com</key>
-			<dict>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-			</dict>
-			<key>login.microsoftonline.com</key>
-			<dict>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-			</dict>
-			<key>login.windows.net</key>
-			<dict/>
-			<key>secure.aadcdn.microsoftonline-p.com</key>
-			<dict>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-			</dict>
-		</dict>
-	</dict>
 	<key>UILaunchStoryboardName</key>
 	<string>LaunchScreen</string>
 	<key>UIMainStoryboardFile</key>

diff --git a/README.md b/README.md
@@ -14,66 +14,6 @@ Integrate the [OneDrive API](https://dev.onedrive.com/README.htm) into your iOS
 
 ## 2. Getting started
 
-#### Note: iOS 9 App Transport Security (ATS)
-
-If you are targeting iOS 9 with XCode 7, you need to temporarily enable PFS exceptions for the following domains:
-
-* login.live.com
-* login.microsoftonline.com
-* login.windows.net
-* secure.aadcdn.microsoftonline-p.com
-
-To do this, add the following to your Info.plist :
-
-```xml
-<key>NSAppTransportSecurity</key>
-	<dict>
-		<key>NSExceptionDomains</key>
-		<dict>
-			<key>login.windows.net</key>
-			<dict/>
-			<key>NSIncludeSubdomains</key>
-			<true/>
-			<key>NSExceptionRequiresForwardSecrecy</key>
-			<false/>
-			<key>secure.aadcdn.microsoftonline-p.com</key>
-			<dict>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-			</dict>
-			<key>login.microsoftonline.com</key>
-			<dict>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-			</dict>
-			<key>login.live.com</key>
-			<dict>
-				<key>NSIncludeSubmdomains</key>
-				<true/>
-				<key>NSExceptionRequiresForwardSecrecy</key>
-				<false/>
-			</dict>
-		</dict>
-	</dict>
-```
-You can also see [OneDriveAPIExplorer](Examples/iOSExplorer) for an example.
-
-These domains enable MSA and standard AAD authentication. It's possible that an AAD domain has a multifactor auth flow or ADFS integration would send you to another domain. If you're targeting a customer set, you'll need to add exceptions for those domains to your app or disable ATS all together. To disable ATFS entirely add the following to your Info.plist:
-
-**Warning** This it not the recommended approach and is only necessary if you wish to target all tenants that do not use standard AAD authentication and do not support Transport Layer Security v1.2.
-
-```xml
-<key>NSAppTransportSecurity</key>
-    <dict>
-        <key>NSAllowArbitraryLoads</key>
-        <true/>
-    </dict>
-```
-
 ### 2.1 Register your application
 
 Register your application by following [these](https://dev.onedrive.com/app-registration.htm) steps.