developer.apple.com.rss.xml - sfeed_tests - sfeed tests and RSS and Atom files
HTML git clone git://git.codemadness.org/sfeed_tests
DIR Log
DIR Files
DIR Refs
DIR README
DIR LICENSE
---
developer.apple.com.rss.xml (599025B)
---
1 <?xml version="1.0" encoding="UTF-8"?>
2 <rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom">
3 <channel>
4 <atom:link href="https://developer.apple.com/news/rss/news.rss" rel="self" type="application/rss+xml" />
5 <title>News - Apple Developer</title>
6 <link>https://developer.apple.com/news/</link>
7 <description></description>
8 <language>en</language>
9 <lastBuildDate>Wed, 03 Feb 2021 16:54:46 PST</lastBuildDate>
10 <generator>Custom</generator>
11 <copyright>Copyright 2021, Apple Inc.</copyright>
12
13 <item>
14 <title>New and updated Apple design resources now available</title>
15 <link>https://developer.apple.com/news/?id=kn2a8g2q</link>
16 <guid>https://developer.apple.com/news/?id=kn2a8g2q</guid>
17 <description><p>Designing apps for Apple platforms just got easier. Now you can quickly lay out your app for macOS&nbsp;Big&nbsp;Sur or tvOS&nbsp;14 using new design templates, components, guides, and more. All major macOS and tvOS components, such as buttons, segmented controls, alerts, menus, and other controls, are included. In addition, the updated iOS&nbsp;14 and iPadOS&nbsp;14 design resources for Sketch have been rebuilt to support color variables, and include numerous minor improvements and bug&nbsp;fixes.</p>
18 <p><a href="https://developer.apple.com/design/resources/"><span class="icon icon-after icon-chevronright nowrap">View resources</span></a></p></description>
19 <pubDate>Wed, 03 Feb 2021 16:54:46 PST</pubDate>
20 </item>
21 <item>
22 <title>Take advantage of new advertising attribution technologies</title>
23 <link>https://developer.apple.com/news/?id=wajvzt18</link>
24 <guid>https://developer.apple.com/news/?id=wajvzt18</guid>
25 <description><p><strong>SKAdNetwork 2.2.</strong> This update supports view-through attribution for advertisement formats such as video, audio, and interactive advertisements. This allows you to display your choice of advertising formats and measure which creatives are most effective, while preserving user privacy.</p>
26 <p><strong>Private Click Measurement.</strong> iOS&nbsp;14.5 and iPadOS&nbsp;14.5 bring Private Click Measurement to apps, in addition to the web. Advertising networks can now measure the effectiveness of advertisement clicks within iOS or iPadOS apps that navigate to a website. This information can be used to understand which advertisements drive conversions (such as purchases or signups) — while maintaining user privacy.</p>
27 <p>Get started by building and testing your apps with the beta versions of Xcode&nbsp;12.5, iOS&nbsp;14.5, and iPadOS&nbsp;14.5.</p>
28 <p><a href="https://developer.apple.com/documentation/storekit/skadnetwork">Learn more <span class="icon icon-after icon-chevronright nowrap">about SKAdNetwork</span></a></p>
29 <p><a href="https://webkit.org/blog/11529/introducing-private-click-measurement-pcm/">Learn more about Private <span class="icon icon-after icon-chevronright nowrap">Click Measurement</span></a></p>
30 <p><a href="https://developer.apple.com/download/">Download the <span class="icon icon-after icon-chevronright nowrap">latest betas</span></a></p></description>
31 <pubDate>Mon, 01 Feb 2021 16:48:25 PST</pubDate>
32 </item>
33 <item>
34 <title>App Store Review Guideline updates now available</title>
35 <link>https://developer.apple.com/news/?id=3ozbk628</link>
36 <guid>https://developer.apple.com/news/?id=3ozbk628</guid>
37 <description><p>The App&nbsp;Store is a safe and trusted place for customers to discover and download apps, and a great opportunity for developers. The App&nbsp;Store Review Guideline changes and clarifications support new features in upcoming OS releases, better protect customers, and help your apps go through the review process as smoothly as possible. Review the updates below. Please note that all new apps and app updates submitted to the App&nbsp;Store must follow the revised guideline 5.1.2(i) by early spring 2021.</p><ul>
38 <li>1.4.3: Clarified the prohibition of promoting certain substances: “Apps that encourage consumption of tobacco and vape products, illegal drugs, or excessive amounts of alcohol are not permitted on the App&nbsp;Store. Apps that encourage minors to consume any of these substances will be rejected. Facilitating the sale of controlled substances (except for licensed pharmacies), marijuana, or tobacco is not allowed.”</li>
39 </ul><ul>
40 <li>2.3: Clarified the information that must accurately reflect the app’s core experience: “Customers should know what they’re getting when they download or buy your app, so make sure all your app metadata, including privacy information, your app description, screenshots, and previews accurately reflect the app’s core experience and remember to keep them up-to-date with new versions.”</li>
41 </ul><ul>
42 <li>2.3.7: Clarified what metadata shouldn’t include: “Choose a unique app name, assign keywords that accurately describe your app, and don’t try to pack any of your metadata with trademarked terms, popular app names, pricing information, or other irrelevant phrases just to game the system. App names must be limited to 30 characters. Metadata such as app names, subtitles, screenshots, and previews should not include prices, terms, or descriptions that are not specific to the metadata type. App subtitles are a great way to provide additional context for your app; they must follow our standard metadata rules and should not include inappropriate content, reference other apps, or make unverifiable product claims. Apple may modify inappropriate keywords at any time or take other appropriate steps to prevent abuse.”</li>
43 </ul><ul>
44 <li>2.4.5(viii): Removed Rosetta as an example: “Apps should run on the currently shipping OS and may not use deprecated or optionally installed technologies (e.g., Java).”</li>
45 </ul><ul>
46 <li>3.1.1: Clarified that these items must be sold through in-app purchase: “Gift cards, certificates, vouchers, and coupons which can be redeemed for digital goods or services can only be sold in your app using in-app purchase.”</li>
47 </ul><ul>
48 <li>3.1.1: Clarified how apps can enable customers to “tip” developers: “Apps may use in-app purchase currencies to enable customers to “tip” the developer or digital content providers in the app.”</li>
49 </ul><ul>
50 <li>3.1.1: Deleted: “Remember to assign the correct purchasability type or your app will be rejected.”</li>
51 </ul><ul>
52 <li>3.1.2(a): Clarified how certain games can offer a subscription across third-party apps and services: “Games offered in a streaming game service subscription may offer a single subscription that is shared across third-party apps and services; however, they must be downloaded directly from the App&nbsp;Store, must be designed to avoid duplicate payment by a subscriber, and should not disadvantage non-subscriber customers.”</li>
53 </ul><ul>
54 <li>3.1.3(c): Clarified what enterprise users can access and what purchase methods they can use: “Enterprise Services: If your app is only sold directly by you to organizations or groups for their employees or students (for example professional databases and classroom management tools), you may allow enterprise users to access previously-purchased content or subscriptions. Consumer, single user, or family sales must use in-app purchase.”</li>
55 </ul><ul>
56 <li>3.1.3(d): Changed terminology from “person-to-person experiences” to “person-to-person services” to clarify that services provided by one individual to another are in scope: “If your app enables the purchase of realtime person-to-person services between two individuals (for example tutoring students, medical consultations, real estate tours, or fitness training), you may use purchase methods other than in-app purchase to collect those payments. One-to-few and one-to-many realtime services must use in-app purchase.”</li>
57 </ul><ul>
58 <li>3.2.1(viii): Clarified who can create apps for these services. Removed option to use a public API: “Apps used for financial trading, investing, or money management should come from the financial institution performing such services.”</li>
59 </ul><ul>
60 <li>3.2.2(ix): Removed duplicative section regarding forcing users to perform actions, which is fully covered by 3.2.2(vi); renumbered former 3.2.2(x).</li>
61 </ul><ul>
62 <li>4.2.3(iii): Clarified the information that certain apps need to disclose: “If your app needs to download additional resources in order to function on initial launch, disclose the size of the download and prompt users before doing so.”</li>
63 </ul><ul>
64 <li>5.1.1(ix): Clarified that gambling is a heavily-regulated field in scope: “Apps that provide services in highly-regulated fields (such as banking and financial services, healthcare, gambling and air travel) or that require sensitive user information should be submitted by a legal entity that provides the services, and not by an individual developer.”</li>
65 </ul><ul>
66 <li>5.1.2(i): Added: “You must receive explicit permission from users via the App Tracking Transparency APIs to track their activity. Learn more about <a href="https://developer.apple.com/app-store/user-privacy-and-data-use/">tracking</a>.”</li>
67 </ul><ul>
68 <li>After You Submit: Reordered the paragraph describing appeals for clarity.</li>
69 </ul><p><a href="https://developer.apple.com/app-store/review/guidelines/">Read the App&nbsp;Store <span class="icon icon-after icon-chevronright nowrap">Review Guidelines</span></a> </p></description>
70 <pubDate>Mon, 01 Feb 2021 11:11:42 PST</pubDate>
71 </item>
72 <item>
73 <title>Developer Spotlight: MySwimPro</title>
74 <link>https://developer.apple.com/news/?id=kzbg2f2x</link>
75 <guid>https://developer.apple.com/news/?id=kzbg2f2x</guid>
76 <description><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/87768535-B93B-4082-8A75-CB1F75F0E425/2048.jpeg" data-hires="false" alt=""></div><p>Sometimes a good idea hits you like a splash of cold water.</p>
77 <p>Fares Ksebati cocreated <em>MySwimPro</em> in 2015 to provide a deep pool of aquatic workout videos for like-minded athletes. The app syncs with Apple Health to keep your swimming and workout data secure. With 2021 being an Olympic year, he and cofounder Adam Oxner are poised to make even bigger waves: “Swimming gets a lot of public notoriety every four years,” says Ksebati. </p>
78 <p>We spoke to Ksebati, a three-time U.S. Masters swimming champion, about the power of incremental change and what every entrepreneur should know before diving into app development.</p><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/539371B3-8210-4AF2-B681-31A0F4BD4BD6/2048.jpeg" data-hires="false" alt="No pool? MySwimPro has hundreds of dryland videos to help swimmers stay in shape."><p class="typography-caption">No pool? MySwimPro has hundreds of dryland videos to help swimmers stay in shape.</p></div><p><strong>How did you start creating apps?</strong>
79 Before launching MySwimPro in 2015, I worked at four different startups and was always coaching swimming on the side. At the time, there was really nothing that addressed swimmers, so that’s when the light-bulb moment happened. </p>
80 <p>If you work on something you understand intimately, it’s a lot easier because you have that intuition, that unique lens. I’m a swimmer and a coach, but above all I’m a swimming nerd. I not only understand it but I care about it.</p>
81 <p><strong>How is the MySwimPro team structured these days?</strong>
82 Our HQ is technically in Ann Arbor, but we have team members across the United States and a few countries like Turkey and Ukraine. The app is in nine languages, and we were able to do most of that in-house because we speak almost a dozen languages on our team, which is really unique.</p>
83 <p><strong>What do you do as a team to stay motivated?</strong>
84 Go to the pool! I literally went for a swim two hours ago. Because we’re a fitness brand, it’s part of our culture to take a break in the middle of the day. I want everybody to feel comfortable doing that, even if they’re not swimming.</p>
85 <p><strong>What’s been the most challenging time for your team, and how did you get through it?</strong>
86 Back in March, when pools were closing, we thought, “OK, this could be two or three years, but we can’t sit around and do nothing.” So we took action very quickly, creating 200 dryland videos and eight training programs. We went to my brother’s house and rearranged his living room into an at-home fitness facility.</p>
87 <p><strong>What do you know now that you wish you’d known when you started?</strong>
88 That it's really important to be consistent, that it takes time to develop, and that if you can just be a little bit better every single day, the compounding impact is absolutely insane. We’ve been at this for five years, which is more than 1,800 days, and we’re trying to be at least 1 percent better each day.</p><hr><p><em>Originally published on the App Store.</em></p><p><a href="https://apps.apple.com/us/app/myswimpro-1-swim-workout-app/id994386450" class="icon icon-after icon-chevronright">Learn more about MySwimPro on the App Store</a></p><p><a href="https://developer.apple.com/app-store/small-business-program/" class="icon icon-after icon-chevronright">Learn more about the App Store Small Business Program</a></p></description>
89 <pubDate>Fri, 29 Jan 2021 04:00:27 PST</pubDate>
90 </item>
91 <item>
92 <title>AppTrackingTransparency requirement update</title>
93 <link>https://developer.apple.com/news/?id=8rm6injj</link>
94 <guid>https://developer.apple.com/news/?id=8rm6injj</guid>
95 <description><p>Late last year, to give you additional time to prepare, we had temporarily deferred the requirement to use AppTrackingTransparency when requesting permission to track users and access device advertising identifiers. This requirement now goes into effect starting with the upcoming beta update, and will roll out to everyone in early spring with an upcoming release of iOS&nbsp;14, iPadOS&nbsp;14, and tvOS&nbsp;14. We encourage you to verify your app’s implementation of AppTrackingTransparency as soon as possible. Without the user’s permission, you will not be allowed to track them and the device’s advertising identifier value will be all zeros.</p>
96 <p>In an upcoming release of iOS and iPadOS, we will enhance SKAdNetwork and add Private Click Measurement support for apps, allowing advertising networks to better attribute advertisements that display within apps on these platforms. Private Click Measurement enables the measurement of ad campaigns that direct users to websites while preserving user privacy. Additional details are coming&nbsp;soon.</p>
97 <p><a href="https://developer.apple.com/app-store/user-privacy-and-data-use/">Learn more about user privacy and <span class="icon icon-after icon-chevronright nowrap">data use</span></a></p></description>
98 <pubDate>Thu, 28 Jan 2021 20:37:32 PST</pubDate>
99 </item>
100 <item>
101 <title>Identity Pinning: How to configure server certificates for your app</title>
102 <link>https://developer.apple.com/news/?id=g9ejcf8y</link>
103 <guid>https://developer.apple.com/news/?id=g9ejcf8y</guid>
104 <description><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/B482D0A4-3389-4A58-8420-427E84A64CD0/2048.jpeg" data-hires="false" alt=""></div><p>If your app sends or receives data over the network, it’s critical to preserve the privacy and integrity of a person’s information and protect it from data breaches and attacks. You should use the Transport Layer Security (TLS) protocol to protect content in transit and authenticate the server receiving the data.</p>
105 <p>When you connect through TLS, the server provides a certificate or certificate chain to establish its identity. You can further limit the set of server certificates your app trusts by pinning their public-key identities in your app. Here’s how to get started.</p><h3>When to use pinning</h3><p>By default, when your app connects to a secure TLS network, the system evaluates server trustworthiness by default. Most apps can meet their security requirements by relying on this behavior; however, certain apps may need to further limit the set of trusted certificates.</p>
106 <p>For example, your app may need to meet regulatory requirements that determine which specific Certificate Authorities (CAs) can be trusted. While Apple platforms ensure by default that only trustworthy CAs are involved, your app can use identity pinning to further limit the set of CAs to those associated with a particular government or organization.</p>
107 <p>Pinning cannot loosen the trust requirements of your app — it can only tighten them. You still always need to meet the system’s default trust requirements when using public-key certificates involved in a TLS network connection.</p><hr><p><em>Note: When you’ve configured your app to expect a specific set of public keys for a given server, it will refuse to connect to that server unless those public keys are involved. As a result, if the server deploys new certificates that alter the public keys, your app will refuse to connect. At that point, you’ll need to update your app with a pinning configuration that reflects the new set of public keys.</em></p><hr><h3>Think long term</h3><p>If you want to use identity pinning in your app, consider creating a long-term strategy that accounts for both planned and unplanned events so that you can prevent pinning failures.</p>
108 <p>Your app can proactively provide a great experience by pinning the public keys of CAs, instead of servers. This way, you can deploy server certificates that contain new public keys signed by the same CA without the need for pinning configuration updates.</p>
109 <p>You can also consider pinning more than one public key, especially when pinning server identities. This way, your app will still be able to connect to configured servers even if they revoke or rotate certificates.</p>
110 <p>Additionally, plan to provide a fallback experience in your app if it’s unable to connect to a server in the event of a pinning failure. First, think of ways your app experience may be impacted, and come up with mitigating solutions for any negative side effects. Can the app still function without making that connection, and can you provide someone with a temporary recovery path?</p>
111 <p>You’ll also want to plan for an eventual recovery path. One way you can address pinning failures is through a new pinning configuration, delivered via app update. Consider whether that’s an option given the use cases of your app.</p>
112 <p>We highly recommend simulating various events and potential failure points when testing your app by acquiring additional public-key certificates for this purpose and varying the configuration of your server accordingly.</p><h3>How to pin CA public keys</h3><p>A pinned CA public key must appear in a certificate chain either in an intermediate or root certificate. Pinned keys are always associated with a domain name, and the app will refuse to connect to that domain unless the pinning requirement is met.</p>
113 <p>As an example, to require the presence of a specific CA public key when connecting to the <code>example.org</code> domain name, you can add the following entries to the <code>Info.plist</code> file of your app.</p><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/9F9C623B-1CA9-4A49-A5AA-71C265A73B2D/2048.jpeg" data-hires="false" alt="NSAppTransportSecurity
114
115 NSPinnedDomains
116
117 example.org
118
119 NSIncludesSubdomains
120
121 NSPinnedCAIdentities
122
123
124 SPKI-SHA256-BASE64
125 r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=
126
127
128
129
130 "></div><pre class="code-source"><code><span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSAppTransportSecurity<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
131 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
132 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSPinnedDomains<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
133 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
134 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>example.org<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
135 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
136 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSIncludesSubdomains<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
137 <span class="syntax-tag">&lt;<span class="syntax-name">true</span>/&gt;</span>
138 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSPinnedCAIdentities<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
139 <span class="syntax-tag">&lt;<span class="syntax-name">array</span>&gt;</span>
140 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
141 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>SPKI-SHA256-BASE64<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
142 <span class="syntax-tag">&lt;<span class="syntax-name">string</span>&gt;</span>r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=<span class="syntax-tag">&lt;/<span class="syntax-name">string</span>&gt;</span>
143 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
144 <span class="syntax-tag">&lt;/<span class="syntax-name">array</span>&gt;</span>
145 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
146 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
147 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span></code></pre><p>In this example, the pinned public key is associated with <code>example.org</code> and also subdomains such as <code>math.example.org</code> and <code>history.example.org</code>, but it won’t be associated with <code>advanced.math.example.org</code>, or <code>ancient.history.example.org</code>.</p>
148 <p>The public key is expressed as the Base64-encoded SHA-256 digest of an X.509 certificate’s DER-encoded ASN.1 Subject Public Key Info structure. Assuming the following PEM-encoded public-key certificate, stored in file <code>ca.pem</code>, you can calculate its SPKI-SHA256-BASE64 value with the <code>openssl</code> command.</p><pre class="code-source"><code>-----BEGIN CERTIFICATE-----
149 MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
150 MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
151 d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
152 QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
153 MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
154 b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
155 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
156 CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
157 nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
158 43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
159 T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
160 gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
161 BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
162 TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
163 DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
164 hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
165 06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
166 PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
167 YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
168 CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
169 -----END CERTIFICATE-----
170
171 $ cat ca.pem | openssl x509 -inform pem -noout -outform pem -pubkey | openssl pkey -pubin -inform pem -outform der | openssl dgst -sha256 -binary | openssl enc -base64</code></pre><p>To introduce redundancy into your pinning configuration, you can associate multiple public keys with a domain name. </p><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/E44F6BA7-FBD3-45CB-A7D1-915B94D53DF3/2048.jpeg" data-hires="false" alt="Screenshot of NSPinnedLeafIdentities: App Transport Security Settings — Dictionary — 1 item
172 NSPinned Domains — Dictionary — 2 items
173 example.org — Dictionary — 2 items
174 example.net — Dictionary — 1 item
175 NSPinnedLeafIdentities — Array — 2 items
176 Item 0 — Dictionary — 1 item
177 SPKI-SHA256-BASE64 — String — i9HalScvf6T/skE3/A7QOq5n5cTYs8UHNOEFCnkguSI=
178 Item 1 — Dictionary — 1 item
179 SPKI-SHA256-BASE64 — String — i9HalScvf6T/skE3/A7QOq5n5cTYs8UHNOEFCnkguSI="></div><pre class="code-source"><code><span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSAppTransportSecurity<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
180 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
181 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSPinnedDomains<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
182 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
183 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>example.org<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
184 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
185 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSIncludesSubdomains<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
186 <span class="syntax-tag">&lt;<span class="syntax-name">true</span>/&gt;</span>
187 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSPinnedCAIdentities<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
188 <span class="syntax-tag">&lt;<span class="syntax-name">array</span>&gt;</span>
189 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
190 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>SPKI-SHA256-BASE64<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
191 <span class="syntax-tag">&lt;<span class="syntax-name">string</span>&gt;</span>r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=<span class="syntax-tag">&lt;/<span class="syntax-name">string</span>&gt;</span>
192 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
193 <span class="syntax-tag">&lt;/<span class="syntax-name">array</span>&gt;</span>
194 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
195 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>example.net<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
196 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
197 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>NSPinnedLeafIdentities<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
198 <span class="syntax-tag">&lt;<span class="syntax-name">array</span>&gt;</span>
199 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
200 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>SPKI-SHA256-BASE64<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
201 <span class="syntax-tag">&lt;<span class="syntax-name">string</span>&gt;</span>i9HaIScvf6T/skE3/A7QOq5n5cTYs8UHNOEFCnkguSI=<span class="syntax-tag">&lt;/<span class="syntax-name">string</span>&gt;</span>
202 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
203 <span class="syntax-tag">&lt;<span class="syntax-name">dict</span>&gt;</span>
204 <span class="syntax-tag">&lt;<span class="syntax-name">key</span>&gt;</span>SPKI-SHA256-BASE64<span class="syntax-tag">&lt;/<span class="syntax-name">key</span>&gt;</span>
205 <span class="syntax-tag">&lt;<span class="syntax-name">string</span>&gt;</span>i9HaIScvf6T/skE3/A7QOq5n5cTYs8UHNOEFCnkguSI=<span class="syntax-tag">&lt;/<span class="syntax-name">string</span>&gt;</span>
206 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
207 <span class="syntax-tag">&lt;/<span class="syntax-name">array</span>&gt;</span>
208 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
209 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span>
210 <span class="syntax-tag">&lt;/<span class="syntax-name">dict</span>&gt;</span></code></pre><p>For example, to pin multiple public keys for the <code>example.net</code> server certificate, you would add individual entries as items in an array to the <code>Info.plist</code> file of your app. To satisfy the pinning requirement for a connection to <code>example.net</code>, the server certificate must include one of those keys.</p><h3>Resources</h3><p><a href="https://developer.apple.com/documentation/bundleresources/information_property_list/nsapptransportsecurity" class="icon icon-after icon-chevronright">Learn more about NSAppTransportSecurity</a></p></description>
211 <pubDate>Thu, 14 Jan 2021 16:29:31 PST</pubDate>
212 </item>
213 <item>
214 <title>Meet App Clip Codes</title>
215 <link>https://developer.apple.com/news/?id=g9qbtdvu</link>
216 <guid>https://developer.apple.com/news/?id=g9qbtdvu</guid>
217 <description><div class="inline-article-image"><img src="https://devimages-cdn.apple.com/wwdc-services/articles/images/4367279B-E1C6-44AF-B86E-E0142DCECE66/2048.jpeg" data-hires="false" alt="App Clips icon on blue background"></div><p>App Clip Codes are customizable Apple-designed markers built to launch your App Clip. When someone scans your App Clip Code, it will bring up your App Clip or, if the person already has your app installed, will directly launch into a specific part of your app. Each code has a distinct design: It’s immediately recognizable, unique to each App Clip, and provides people with a secure and reliable way to trigger your experience. Codes can even incorporate an NFC tag, allowing people to open an App Clip by simply holding their iPhone nearby without needing to scan it through the Camera app.</p>
218 <p>You can easily make App Clip Codes and customize them to match your company’s brand or internal designs. Here’s how you can create new codes and pick the right code for the experience you want to provide to your customers.</p><h3>Plan for your App Clip experience</h3><p>To create new App Clip Codes, use the App Clip Code Generator. When you make a new code, you can choose its colors, assign a custom URL that resolves for your app, and decide whether to create a code that supports NFC (Near Field Communication).</p><p><strong>Single vs multiple App Clip Codes</strong>
219 If you’ve created a single App Clip for your app, you can make a single App Clip Code so that everyone who scans the code gets the same information. For example, if you own a restaurant, placing the same App Clip Code at every table can bring up an App Clip with your digital menu and payment options. Every instance of the single code delivers the same experience.</p>
220 <p>You can also duplicate the same App Clip Code for use on items like hardware packaging: For instance, if you have a product that requires an in-app setup experience, you can add the same App Clip Code to your packaging to bring your customers directly to the setup experience or interactive instruction manual. As with the restaurant example, you’re always bringing customers to the same experience within your app, so you only need to create a single unique App Clip Code and duplicate it across your material. </p>
221 <p>If you offer multiple App Clips or advanced App Clip experiences, you can create unique codes for each experience. For example, if you have an app for your restaurant and want to offer an App Clip for ordering takeout on your advertising as well as a different App Clip for people ordering at your restaurant's outdoor tables, you can create discrete App Clip Codes for each that invoke different parts of the app.</p><p><strong>Should you use NFC?</strong>
222 People can interact with App Clip Codes in two ways: Scan Only or NFC. Scanned codes work when someone uses the Barcode reader or the Camera app on iPhone or iPad to view the code, which then delivers a customized URL they can tap on that brings them into the app. In contrast, NFC-integrated codes let people simply hold their device near an App Clip Code to invoke the App Clip.</p>
223 <p>While you have the flexibility to choose either type to best suit your needs, we recommend using an NFC-integrated App Clip Code whenever someone can easily physically access your App Clip Code. Examples include: </p>
224 <ul>
225 <li>On a restaurant tabletop</li>
226 <li>Near point-of-sale hardware systems </li>
227 <li>In a storefront window</li>
228 <li>On easily-accessible signage</li>
229 <li>On a gift card, coupon, or other offer</li>
230 </ul>
231 <p>If you integrate an NFC tag with your App Clip code, be sure to use a Type 5 NFC tag at least 35mm in diameter (or equivalent) to ensure the best experience.</p><p><a href="https://developer.apple.com/design/human-interface-guidelines/ios/user-interaction/near-field-communication/" class="icon icon-after icon-chevronright">Learn more about designing for NFC</a></p><p>If your code is displayed digitally or in an area where NFC doesn’t make sense, use the Scan Only version. Examples include:</p>
232 <ul>
233 <li>On distant posters or street advertising</li>
234 <li>On signage behind a counter or otherwise out of reach</li>
235 <li>In digital materials such as an email or social media images</li>
236 </ul><p><strong>Customize the look of your App Clip Code</strong>
codemadness.org:70 /git/sfeed_tests/file/input/sfeed/realworld/developer.apple.com.rss.xml.gph:247: line too long