All children, except one, grow up. They soon know that they will grow up, and the way Wendy knew was this. One day when she was two years old she was playing in a garden, and she plucked another flower and ran with it to her mother. I suppose she must have looked rather delightful, for Mrs. Darling put her hand to her heart and cried, “Oh, why can’t you remain like this for ever!” This was all that passed between them on the subject, but henceforth Wendy knew that she must grow up. You always know after you are two. Two is the beginning of the end.
App Transport Security
Keeping private data secure on today’s Internet is an ongoing challenge, and with the release of iOS9, Apple is taking even more steps to protect user data. The most important change for developers in iOS9 is the addition of App Transport Security, which attempts to use secure HTTPS communications by default for all Internet connections, instead of standard HTTP. Ideally, all your apps and services should be upgraded to use HTTPS, but, for many iOS9 apps, that is simply not possible. Certain services, such as ad networks, still rely on unsecured HTTP and without modification, if your app tries to connect to an insecure address, it will result in an error. Not only is this possibly inconvenient for your users, it also looks unprofessional for error messages to be displayed inside your apps.
If standard HTTP connections are absolutely necessary for your app to function, you can avoid problems by adding a few lines to the app’s Info.plist file to whitelist the affected domains, or you can deactivate App Transport Security completely using the NSAllowsArbitraryLoads key.
As the finite supply of IPv4 addresses dwindles, it is becoming increasingly important to add support for the IPv6 protocol to all your iOS9 apps. Beginning in 2016, it will be mandatory for all new apps in the App Store to support IPv6, and those that do not support the protocol will be rejected. To make sure your apps are ready for IPv6, be sure that you use the correct OS networking frameworks, such as NSURLSession, avoid APIs that use IPv4 exclusively, and do not hard-code any IPv4 addresses into any of the URLs in your apps.