How to keep ipa outside webroot when using iOS OTA to install app?
https://stackoverflow.com//questions/9682849
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
In the plist we need to mention the URL which is accessible public. Is it possible to keep that out of web root so that no one can hit that path using web browser. This means I want to keep .ipa not accessible through a web URL.
Solution
That's not possible, unless you do something like have the URL point to a script which goes off and reads from the IPA outside the web root and then spits it out. But that would still mean people could access it.
Basically, if you expect an iOS device to be able to access the file, then anyone can just inspect the plist and get the URL and download the IPA directly. Remember though, they can't really do much with it. Why don't you just block access to the plist file to only authorised people?
