From c7710c63008aae98085e007c656e6ba57fd07235 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ng=C3=B4=20Qu=E1=BB=91c=20=C4=90=E1=BA=A1t?= Date: Mon, 18 May 2026 15:00:57 +0700 Subject: [PATCH] fix(security): allow plain HTTP to DNS hosts for database connections (#1316) --- CHANGELOG.md | 1 + TablePro/Info.plist | 5 +++++ TablePro/Resources/Localizable.xcstrings | 20 +++++++++----------- TableProMobile/TableProMobile/Info.plist | 5 +++++ 4 files changed, 20 insertions(+), 11 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 1f7faa6d1..f214e316e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -33,6 +33,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Fixed +- ClickHouse (and any HTTP-based driver) can now connect to plain-HTTP servers addressed by DNS hostname; previously App Transport Security blocked the request because only IP-addressed plain HTTP is exempt by default (#1316) - Import from TablePlus now reads passwords from the keychain correctly; previously it queried the wrong service name and silently returned empty passwords without prompting - Port numbers in the import preview, welcome screen linked-file list, and plugin details no longer render with a thousand separator (e.g. 3306 instead of 3.306) under Vietnamese, German, and other locales that use a dot as a digit separator - New query tab (Cmd+T) no longer jumps focus back to the previous table tab on SQLite and other file-based databases (#1313) diff --git a/TablePro/Info.plist b/TablePro/Info.plist index 4dd3eb0aa..024a846af 100644 --- a/TablePro/Info.plist +++ b/TablePro/Info.plist @@ -237,6 +237,11 @@ + NSAppTransportSecurity + + NSAllowsArbitraryLoads + + NSUserActivityTypes com.TablePro.viewConnection diff --git a/TablePro/Resources/Localizable.xcstrings b/TablePro/Resources/Localizable.xcstrings index afebc68aa..3aa63c11a 100644 --- a/TablePro/Resources/Localizable.xcstrings +++ b/TablePro/Resources/Localizable.xcstrings 
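Review bot: The `NSAllowsArbitraryLoads` key added under `NSAppTransportSecurity` in TablePro/Info.plist turns App Transport Security off for every URL-loading request the app makes, not only for the HTTP database drivers the changelog entry names. The TableProMobile/TableProMobile/Info.plist hunk adds the same key. The value line is not visible in this rendering, so this assumes it is `<true/>`. User-entered hostnames cannot be enumerated in a plist, so the global flag may be unavoidable, but the app's own endpoints can be put back under ATS with `NSExceptionDomains` entries that set `NSExceptionAllowsInsecureHTTPLoads` to false, as sketched below with a placeholder host; the `ANALYTICS_HMAC_SECRET` key in the mobile plist suggests at least one such endpoint exists. It would also help to warn in the connection UI when a driver will send credentials and query results over plain HTTP.

```xml
	<key>NSAllowsArbitraryLoads</key>
	<true/>
	<!-- Re-enable ATS for first-party traffic. Placeholder host: replace with
	     the app's real update / analytics / licensing domains. -->
	<key>NSExceptionDomains</key>
	<dict>
		<key>first-party-host.example</key>
		<dict>
			<key>NSIncludesSubdomains</key>
			<true/>
			<key>NSExceptionAllowsInsecureHTTPLoads</key>
			<false/>
		</dict>
	</dict>
```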
@@ -1362,6 +1362,7 @@ } }, "%@: %lld" : { + "extractionState" : "stale", "localizations" : { "en" : { "stringUnit" : { @@ -1418,17 +1419,6 @@ } } }, - "%@:%lld" : { - "localizations" : { - "en" : { - "stringUnit" : { - "state" : "new", - "value" : "%1$@:%2$lld" - } - } - }, - "shouldTranslate" : false - }, "%@." : { "extractionState" : "stale", "localizations" : { @@ -2024,6 +2014,7 @@ } }, "%lld pt" : { + "extractionState" : "stale", "localizations" : { "tr" : { "stringUnit" : { @@ -23410,6 +23401,7 @@ } }, "hostname:%lld" : { + "extractionState" : "stale", "localizations" : { "tr" : { "stringUnit" : { @@ -35123,6 +35115,9 @@ } } } + }, + "Preferred connects in plain TCP for this driver. Use Required to enforce TCPS." : { + }, "Preferred performs a 2-pass connect: tries TLS first, falls back to plain only on SSL handshake errors. Required by Cloud SQL and Azure MySQL." : { @@ -47404,6 +47399,9 @@ }, "This driver does not expose routine DDL." : { + }, + "This driver has no TLS fallback. Preferred forces TLS, same as Required." : { + }, "This DROP query will permanently remove database objects. This action cannot be undone." : { "localizations" : { diff --git a/TableProMobile/TableProMobile/Info.plist b/TableProMobile/TableProMobile/Info.plist index e8e36c3d9..28e79c573 100644 --- a/TableProMobile/TableProMobile/Info.plist +++ b/TableProMobile/TableProMobile/Info.plist @@ -6,6 +6,11 @@ $(ANALYTICS_HMAC_SECRET) AppIdentifierPrefix $(AppIdentifierPrefix) + NSAppTransportSecurity + + NSAllowsArbitraryLoads + + NSFaceIDUsageDescription TablePro uses Face ID to protect your saved database connections and credentials. NSLocalNetworkUsageDescription