I know that in Apple docs, they say this:
After you construct the association file, place it in your site’s
.well-known directory. The file’s URL should match the following
format:https:///.well-known/apple-app-site-association You must host the file
using https:// with a valid certificate and with no redirects.
Our site is not using https, but rather http, but apple-app-site-association file is hosted using https. That is achieved by:
- using letsencrypt and certbot, which gives valid certificate
- some nginx configuration so that all works
I am not a devops, so I don’t know details about above, but if we go to ASAA validator (https://branch.io/resources/aasa-validator/) we get this:
The apple-app-site-association file looks like this:
{
"applinks": {
"apps": [],
"details": [
{
"appID": "com.xxx.MyApp",
"paths": [ "/#/new-password/*", "/#/new-password/"]
}
]
}
}
In developer portal, I have enabled associated domains, and in Xcode, Associatied Domains-> Domains setting looks like this:
applinks:mysite.dev.com
Also in ApplicationDelegate I have implemented continueUserActivity method in AppDelegate, but it doesn’t trigger, and when I click on a password reset link (from a mailtrap) my application doesn’t open, but rather web link is opened (the site).
Link has this structure:
http://mysite.dev.com/#/new-password/a-random-hash-goes-here
Is this problem cause only apple-app-site-association is server on https, but rest of site trough https?
Or, maybe, there is a problem with structure of a file? (specifically paths key)?
2
Answers
From apples documentation:
So in yours case I think iOS doesn’t tried to download it through HTTPS version and get unsigned
apple-app-site-association
I see two posible solutions:
apple-app-site-association
You could try the following, in the
Info.plist
file of your app add the following keys:NSAppTransportSecurity
as a DictionaryNSAllowsArbitraryLoads
as Boolean and set its value to YESNSTemporaryExceptionMinimumTLSVersion
as String and set its value toTLSv1.2
.The above would see as the following image:
And the code would be like:
If the before steps don’t work, you could try to add exceptions for specific domains in your Info.plist:
The above is just experimentally, take in mind that if your app doesn’t have a good reason to allow HTTP traffic it could be rejected by Apple, I share with you some interesting links:
https://developer.apple.com/library/archive/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33
https://developer.apple.com/videos/play/wwdc2015/703/
https://github.com/AFNetworking/AFNetworking/issues/2779#issuecomment-112030880
Regards!