[via Swift] What should the App Transport Security settings be set to?

[vincentneo]

Does tdlib make any calls via HTTP?

I was wondering if I should add any domains to the App Transport Security (ATS)'s exemption list, since I'm seeing console messages like:

Task <9F4EC7FE-6A9E-4A05-824B-CA1B96D15B2B>.<115> finished with error [-1005] Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <9F4EC7FE-6A9E-4A05-824B-CA1B96D15B2B>.<115>, NSLocalizedDescription=The network connection was lost., _kCFStreamErrorCodeKey=-4, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <9F4EC7FE-6A9E-4A05-824B-CA1B96D15B2B>.<115>",
    "LocalDataPDTask <9F4EC7FE-6A9E-4A05-824B-CA1B96D15B2B>.<115>",
    "LocalDataTask <9F4EC7FE-6A9E-4A05-824B-CA1B96D15B2B>.<115>"
), NSErrorFailingURLStringKey=http://149.154.171.5:80/api, _kCFStreamErrorDomainKey=4, NSErrorFailingURLKey=http://149.154.171.5:80/api}
[ 1][t 4][1675168859.048260211][ConnectionCreator.cpp:927][#1][!ConnectionCreator]   [Error : 0 : Socket is empty]

A quick search online shows the IP address is used by Telegram, and very clearly using port 80 with http. Pretty sure it got blocked by the lack of ATS setting.

Functionality wise, was able to authenticate and get chat list so far, though I'm just exploring the API around, not entirely sure if anything other than those 2 functions are broken or not, so I'm unsure of the impact.

[levlam]

TDLib uses HTTP only on watchOS, where socket API isn't available.

The port number can be 80, 443, or something else. IP addresses are received from the server, but you can add to the exemption list at least all built-in addresses: https://github.com/tdlib/td/blob/758ced943e44019b25852c365655da6f1fe6d24a/td/telegram/net/ConnectionCreator.cpp#L1240-L1260

[vincentneo]

Thank you @levlam for the quick and informative reply!