Google tells developers how to disable iOS 9 security and continue serving ads

BY Killian Bell

Published 28 Aug 2015

Default iOS 9 Wallpaper

Google has provided developers with the code they’ll need to disable iOS 9‘s new App Transport Security (ATS) feature and continue serving ads after the update rolls out to all next month.

“While Google remains committed to industry-wide adoption of HTTPS, there isn’t always full compliance on third party ad networks and custom creative code served via our systems,” the search giant explains in a post on its blog.

“To ensure ads continue to serve on iOS9 devices for developers transitioning to HTTPS, the recommended short term fix is to add an exception that allows HTTP requests to succeed and non-secure content to load successfully.”

To add that exception, developers need just five lines of code. Those are:

<key>NSAppTransportSecurity</key>
<dict>
    <key>NSAllowsArbitraryLoads</key>
    <true/>
</dict>

Google encourages developers to use HTTPS exclusively and ensure their apps are compliant with ATS going forward, but disabling the feature is a workaround for those whose “approaches to comply with ATS standards are unsuccessful.”

Google points to Apple’s developer support document that describes those different approaches, including selectively enabling ATS only for a list of provided HTTPS sites. The company adds that it strongly advocates HTTPS protection, and has done for many years.