iOS Secure Domains Config Plugin

Create a config helper that prepares an iOS project for secure networking and shared credentials by updating Info.plist entries and entitlements in one pass.

Capabilities

URL scheme registration

• Given urlScheme set to tileapp and Info.plist already listing existing under CFBundleURLSchemes, the resulting URL types include both existing and tileapp with no duplicates added. @test

Transport security exceptions

• With allowInsecureDomains set to ["dev.api.test"], it keeps NSAllowsArbitraryLoads false and adds an NSExceptionDomains entry for dev.api.test that allows insecure HTTP while leaving other domains untouched. @test

Associated domains and keychain access

• Given associatedDomains of ["links.example.com"], an empty entitlements file gains com.apple.developer.associated-domains with applinks:links.example.com, and existing values under the key remain if present. @test
• When teamId is ABCD1234 and keychainGroup is shared.group, the entitlements include ABCD1234.shared.group in keychain-access-groups while preserving any preexisting groups. @test

Implementation

@generates

API

export type IosSecurityOptions = {
  urlScheme: string;
  associatedDomains: string[];
  keychainGroup: string;
  teamId: string;
  allowInsecureDomains?: string[];
};

export function withIosSecurity(config: unknown, options: IosSecurityOptions): unknown;

Dependencies { .dependencies }

@expo/config-plugins { .dependency }

Provides utilities to read and update iOS Info.plist and entitlements when applying Expo config changes.