Comments (8)
Here are a few things I've found while looking into this:
* In the latest one or two versions, changes were made due to updated iOS App Store submission requirements: * The latest iOS version was built with a newer version of XCode. * This caused [IOS Application does not open #10412](https://github.com/laurent22/joplin/issues/10412), [which was fixed here](https://github.com/laurent22/joplin/commit/966fe38ae3a30d70db6a330cdf29a53e3ad9fff1). * The latest iOS version also includes a [privacy manifest](https://developer.apple.com/documentation/bundleresources/privacy_manifest_files). * `Info.plist` configuration * In [the Apple documentation for NSAllowsLocalNetworking](https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity/nsallowslocalnetworking?language=objc) states that configuration changes might be needed to connect to IP addresses in iOS 17: > The NSAllowsLocalNetworking key controls whether App Transport Security (ATS) allows your app to connect to unqualified domains, .local domains, and IP addresses using IPv4 or IPv6. > In iOS 9 and macOS 10.11, ATS disallows connections to all three domain types. You can add exceptions for unqualified domains and .local domains in the [NSExceptionDomains](https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity/nsexceptiondomains?language=objc) dictionary, but you can’t add IP addresses. Instead you use [NSAllowsArbitraryLoads](https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity/nsallowsarbitraryloads?language=objc) when you want to load directly from an IP address. > In iOS 10 through iOS 16, iPadOS 13.1 through iPadOS 16, and macOS 10.12 through macOS 13, ATS allows all three of these connections by default, so you no longer need an exception for any of them. However, if you need to maintain compatibility with older versions of the OS, set both of the [NSAllowsArbitraryLoads](https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity/nsallowsarbitraryloads?language=objc) and NSAllowsLocalNetworking keys to YES. > **In iOS 17, iPadOS 17, and macOS 14, ATS no longer allows connections to IP addresses by default. Add individual IP addresses and classless inter-domain routing (CIDR) ranges in the NSExceptionDomains dictionary.** > (Emphasis added) * Joplin currently does include exceptions: https://github.com/laurent22/joplin/blob/ca8fd8d7ae4eb77d65ff62d9e87ac42ab67d362c/packages/app-mobile/ios/Joplin/Info.plist#L40-L49 This file doesn't seem to have been modified recently, however.
Thanks again for your digging in. It makes sense now why plain http and ip addresses work fine until recent versions. I will try to modify sync connections from http to https and see what comes next.
This issue then will be closed and I will paste something later if I find anything useful.
from joplin.
My webdav service is a self-hosted nginx one and I use plain http and ip address for years as my sync target, it works well just until today.
By default, React Native doesn't seem to support plain HTTP on iOS >= 9.0. From the documentation,
By default, iOS 9.0 or later enforce App Transport Secruity (ATS). ATS requires any HTTP connection to use HTTPS. If you need to fetch from a cleartext URL (one that begins with http) you will first need to add an ATS exception. If you know ahead of time what domains you will need access to, it is more secure to add exceptions only for those domains; if the domains are not known until runtime you can disable ATS completely. Note however that from January 2017, Apple's App Store review will require reasonable justification for disabling ATS. See Apple's documentation for more information.
from joplin.
My webdav service is a self-hosted nginx one and I use plain http and ip address for years as my sync target, it works well just until today.
By default, React Native doesn't seem to support plain HTTP on iOS >= 9.0. From the documentation,
By default, iOS 9.0 or later enforce App Transport Secruity (ATS). ATS requires any HTTP connection to use HTTPS. If you need to fetch from a cleartext URL (one that begins with http) you will first need to add an ATS exception. If you know ahead of time what domains you will need access to, it is more secure to add exceptions only for those domains; if the domains are not known until runtime you can disable ATS completely. Note however that from January 2017, Apple's App Store review will require reasonable justification for disabling ATS. See Apple's documentation for more information.
Thanks for the info. I just checked my phone and it's iOS 17.4.1, the iOS 9.0 is quite far away from now. Also I started using joplin with self-hosted webdav from ~2020 on crossplatform clients and it works with plain http and ip address from the beginning to yesterday. I'm not sure if this bug is all about this ATS thing.
from joplin.
i also have the same problem when use ios client to sync, but windows version is well.
from joplin.
Here are a few things I've found while looking into this:
- In the latest one or two versions, changes were made due to updated iOS App Store submission requirements:
- The latest iOS version was built with a newer version of XCode.
- This caused #10412, which was fixed here.
- The latest iOS version also includes a privacy manifest.
- The latest iOS version was built with a newer version of XCode.
Info.plist
configuration- In the Apple documentation for NSAllowsLocalNetworking states that configuration changes might be needed to connect to IP addresses in iOS 17:
The NSAllowsLocalNetworking key controls whether App Transport Security (ATS) allows your app to connect to unqualified domains, .local domains, and IP addresses using IPv4 or IPv6.
In iOS 9 and macOS 10.11, ATS disallows connections to all three domain types. You can add exceptions for unqualified domains and .local domains in the NSExceptionDomains dictionary, but you can’t add IP addresses. Instead you use NSAllowsArbitraryLoads when you want to load directly from an IP address.
In iOS 10 through iOS 16, iPadOS 13.1 through iPadOS 16, and macOS 10.12 through macOS 13, ATS allows all three of these connections by default, so you no longer need an exception for any of them. However, if you need to maintain compatibility with older versions of the OS, set both of the NSAllowsArbitraryLoads and NSAllowsLocalNetworking keys to YES.
In iOS 17, iPadOS 17, and macOS 14, ATS no longer allows connections to IP addresses by default. Add individual IP addresses and classless inter-domain routing (CIDR) ranges in the NSExceptionDomains dictionary.
(Emphasis added) - Joplin currently does include exceptions:
joplin/packages/app-mobile/ios/Joplin/Info.plist
Lines 40 to 49 in ca8fd8d
This file doesn't seem to have been modified recently, however.
- In the Apple documentation for NSAllowsLocalNetworking states that configuration changes might be needed to connect to IP addresses in iOS 17:
from joplin.
I found a alternatives way: #10437
from joplin.
Related Issues (20)
- Mismatched translations HOT 3
- Note attachment changes not reflected after reducing them
- Disable sync lock support HOT 4
- iOS: Can't accept encrypted shared notebooks HOT 4
- IOS Application does not open HOT 5
- 502 Bad Gateway right now! HOT 6
- Desktop: Beta Editor: Toggle checkbox using Markdown Viewer does not check box in Markdown Editor HOT 3
- Plugin spec page crashes documentation
- Display Joplin Cloud info in settings
- Rendering freezes editor HOT 2
- Text search doesn't show results including all partial words as expected HOT 3
- "Options" changes in Windows client are not saved because "joplin-desktop\settings.json" cannot be written to
- Desktop app won't sync + published notes not accessible HOT 2
- Support running synchronizer tests from "Synchronization Status"
- iOS: Camera attaches multiple copies of an image to a note when in edit mode
- Joplin updated from 12.14.6 to 12.14.8 in IOS17.5 , Webdav sync failed :Network request faild HOT 3
- CodeMirror 6 quirk list HOT 2
- Minor translation error
- Export to Markdown + Front Matter is incomplete
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from joplin.