In 2016, Apple have implemented a new rule that won’t let us load data from unsecured websites anymore. That’s those beginning with http:// instead of https:// (the latter ones are secured with an SSL certificate, and hence traffic is encrypted).
When you load an unsecured source, you’ll get an error message like this:
App Transport Security has blocked a cleartext HTTP (http://) resource load since it is insecure. Temporary exceptions can be configured via your app's Info.plist file.
If a secured source of the data is available, it’s probably the easiest method to change the feed. However, if that’s not an option, we can convince Xcode to let our apps download what’s known as data from “arbitrary” sources. Here’s how to do it.
First, in Xcode, navigate to your project’s target and find the Info tab. The target is the one that has your app icon showing, NOT the blue Xcode icon (top left, in the Project Navigator).
Now right-click on any of the many lines and select “Add Row”. This adds a value to your Info.plist file. Notice a list that comes up. Either select “App Transport Security” (if you can find it), or type NSAppTransportSecurity (it usually auto-completes). The entry will change into App Transport Security.
Let’s add the appropriate values to this new entry now. Hover over your new row now and select the little plus icon that comes up, then choose “Allow Arbitrary Loads” from the list. Alternatively, type in NSALlowsArbitraryLoads. Again this value will change to Allow Arbitrary Loads. Notice that this entry is a BOOL, and it needs to be set to YES on the right hand side. Go ahead and do that.
This will be enough to allow HTTP loads inside your app from any URL. You can restrict this to only certain URLs or hosts by adding another entry to the App Transport Security line, namely “Exception Domains”. Add each domain to its own line, and only data from those will be allowed to load via HTTP. If you want to use restricted domains, make sure to set the Allow Arbitrary Loads value to NO.