Let's say I had an API that told me "for X resource, use this host". My iOS app would then store that host and use it whenever it needs to fetch resource X.
I'm wondering what security concerns there are around this? If I had to support this, would this make sense to store it somewhere encrypted (like the keychain) rather than user-defaults/sql?
I feel like worst-case, someone could redirect the app's traffic to their own thing. But I don't know if this is any more concerning than someone just modifying a hosts file, so maybe I'm worrying about nothing?
Thank you!
