Already, iOSHTMLViewer enforces it and a plist key is required to access http.
Chances are the magic key won’t be accepted by reviewers by the end of the year either. What is unclear is what will happen for apps designed prior which access http. Will iOS 10 simply block them ?
Apple is not alone. Google’s Chrome will start flagging as not secure http sites in 2017.
This is not a new decision, Apple announce at WWDC 2015 that this was coming and apps should be switched to use HTTPS.
I’d expect Apple to block these apps and remove them in 30 days if they were not fixed.
In what way is an app https: ?
When it connects to other services on the web.
So an app connects to services which are not https and Apple pulls it from the store?
Pretty soon we’ll need permission to breathe.
It may have been announced, now it is becoming real. If indeed apps need to be updated, it may not be trivial for some.
What is less clear is precisely if apps will be removed from the App Store, or if iOS10 will simply block access to http for existing apps.
[quote=287418:@Jeff Tullin]So an app connects to services which are not https and Apple pulls it from the store?
Pretty soon we’ll need permission to breathe.[/quote]
That is life in the enchanted Apple world. Each year brings a new stringent requirement. Last year was 64 bit support for iOS apps.
To be fair, mobile are notoriously vulnerable to attacks, where SSL may help.