Need private packages and team management tools?Check out npm Orgs. »


1.2.2 • Public • Published


NPM version Downloads TotalDownloads Twitter Follow

The definitive way to hit HTTP based APIs in Nativescript.

Easily integrate the most reliable native networking libraries with the latest and greatest HTTPS security features.

A drop-in replacement for the default http module.


  • Modern TLS & SSL security features
  • Shared connection pooling reduces request latency
  • Silently recovers from common connection problems
  • Everything runs on a native background thread
  • Transparent GZIP
  • HTTP/2 support


What the flip is SSL pinning and all this security mumbo jumbo?

How to make your apps more secure with SSL pinning.

Do I have to use SSL pinning?

No. This plugin works out of the box without any security configurations needed. Either way you'll still benefit from all the features listed above.


git clone
cd nativescript-https/src
npm run demo.ios
npm run


Add tns-platform-declarations for Android and iOS to your references.d.ts!

/// <reference path="./node_modules/tns-platform-declarations/android.d.ts" />
/// <reference path="./node_modules/tns-platform-declarations/ios.d.ts" />

We also recommend adding "skipLibCheck": true, to your tsconfig.json. More information on that can be found here.

Install the plugin:

tns plugin add nativescript-https


Hitting an API using GET method

import * as Https from 'nativescript-https'
    url: '',
    method: 'GET',
    timeout: 30 // seconds (default 10)
}).then(function(response) {
    console.log('Https.request response', response)
}).catch(function(error) {
    console.error('Https.request error', error)


Installing your SSL certificate

Create a folder called assets in your projects app folder like so <project>/app/assets. Using chrome, go to the URL where the SSL certificate resides. View the details then drag and drop the certificate image into the assets folder.

Installing your SSL certificate

Enabling SSL pinning

import { knownFolders } from 'file-system'
import * as Https from 'nativescript-https'
let dir = knownFolders.currentApp().getFolder('assets')
let certificate = dir.getFile('').path
Https.enableSSLPinning({ host: '', certificate })

Once you've enabled SSL pinning you CAN NOT re-enable with a different host or certificate file.

Disabling SSL pinning

import * as Https from 'nativescript-https'

All requests after calling this method will no longer utilize SSL pinning until it is re-enabled once again.


export interface HttpsSSLPinningOptions {
    host: string
    certificate: string
    allowInvalidCertificates?: boolean
    validatesDomainName?: boolean
Option Description
host: string This must be the top level domain name eg
certificate: string The uri path to your .cer certificate file.
allowInvalidCertificates?: boolean Default: false. This should always be false if you are using SSL pinning. Set this to true if you're using a self-signed certificate.
validatesDomainName?: boolean Default: true. Determines if the domain name should be validated with your pinned certificate.

Webpack / bundling

Since you're probably shipping a certificate with your app (like our demo does), make sure it's bundled by Webpack as well. You can do this by adding the certificate(s) with the CopyWebpackPlugin.

iOS Troubleshooting

Please educate yourself on iOS's App Transport Security before starting beef!

If you try and hit an https route without adding it to App Transport Security's whitelist it will not work! You can bypass this behavior by adding the following to your projects Info.plist:


This plugin does not add NSAllowsArbitraryLoads to your projects Info.plist for you.

Android troubleshooting

If you app crashes with a message that it's doing too much networkin on the main thread, then pass the option allowLargeResponse with value true to the request function.


Who Why
Robert Laverty For creating and maintaining this plugin for a long time, before transfering it to me, with the help of Jeff Whelpley of GetHuman.
AFNetworking AFNetworking A delightful networking framework for iOS, OS X, watchOS, and tvOS.
Square okhttp An HTTP+HTTP/2 client for Android and Java applications.


npm i nativescript-https

Downloadsweekly downloads









last publish


  • avatar
Report a vulnerability