Stack Overflow
Stack Overflow

Questions tagged [android-network-security-config]

55 questions
216
votes
10 answers

How to allow all Network connection types HTTP and HTTPS in Android (9) Pie?

From Android 9 Pie now, requests without encryption will never work. And by default, the System will expect you to use TLS by default.You can read this feature here So if you only make requests via HTTPS you are safe. But what about apps that make…
Xenolion
  • 12,035
  • 7
  • 33
  • 48
8
votes
1 answer

Cannot reference raw resources from Network Security Configuration XML

I'm trying to follow the Android documentation for using custom certs here. The desired network config file is:
ThePartyTurtle
  • 2,276
  • 2
  • 18
  • 32
7
votes
0 answers

Network Security Config in androidTest gets ignored

My app has free and paid flavours. Right now we are adding tests the to paid flavour that run in a mock server, we need to communicate with it in cleartext so are trying to add a network security config only in androidTestPaid (we don't have one in…
Nick Cardoso
  • 20,807
  • 14
  • 73
  • 124
6
votes
0 answers

How to include a BuildConfig or resource in network_security_config.xml

To make http-API calls on localhost in Android I needed to add a network-security-config to define my local IP address. Of course, the local IP address is different for each developer, so I put this value in gradle.properties so everyone can…
P Kuijpers
  • 1,593
  • 15
  • 27
5
votes
1 answer

Flutter: Android "network-security-config"

I have setup following to test the Flutter's network security based on the Android document in order to implement Certificate Pinning: Note that I specified the domain-config for api.somesite.com. So the app should only accept somesite.com…
Steve Kim
  • 5,293
  • 16
  • 54
  • 99
4
votes
1 answer

Android WebView and network-security-configuration

I'm developing on Android 8 (26 API, Oreo) and I use android.webkit.WebView in my app. I would implement "secure network connection" when I load pages with my WebView (in other words I would avoid man-in-the-middle problems and self-signed…
Samuel Adorni
  • 208
  • 2
  • 14
2
votes
1 answer

Network security configuration API 23 and lower - Trust anchor for certification path not found - How to handle self-signed certificat with API <= 23

I need to add a self-signed certificate on my app and for that, I set the Network security configuration. It works perfectly on API 31, but when I try it on API 21, the javax.net.ssl.SSLHandshakeException:…
François ROSTKER
  • 171
  • 2
  • 8
2
votes
1 answer

Reference library certificates from Android Network Security Configuration?

Starting from Android API level 24 it is possible to define a Network Security Configuration and reference it from the Android Manifest:
Alix
  • 2,630
  • 30
  • 72
2
votes
1 answer

Android Network Security on API <24

To communicate with back from my android app I use network-security-config.xml, which looks like
lishee loo
  • 57
  • 1
  • 6
2
votes
1 answer

Best solution for the handshake failed SSL error in android web view without ignoring SSL errors

I creating a application which display a specific site to the user and I'm using web view to acoomplish that task. When I try to load that specific site web view shows nothing and log cat says, E/chromium: [ERROR:ssl_client_socket_impl.cc(946)]…
Chamod
  • 587
  • 2
  • 6
  • 17
2
votes
1 answer

There is way to counteract frida toolkit in android app?

in app i use native network security config for public key pinning. using frida toolkit our security team can bypass pinning. the question is simple: there is any way to protect against that or not ?
Alessandro Scarozza
  • 4,273
  • 6
  • 31
  • 39
2
votes
2 answers

Android WebView failed to load (net::ERR_CLEARTEXT_NOT_PERMITTED)

Can someone help me please? I am using WebView in my Android app compileSdkVersion 29 buildToolsVersion "29.0.0" minSdkVersion 16 targetSdkVersion 29 I have the config https in AmdroidManifest and creating a config file but no change I get the…
Rachid
  • 21
  • 1
  • 3
2
votes
1 answer

SSL issue on Android 9 Google Pixel One

I am trying to perform HTTPS requests to a host 10.10.10.1 from Android host with 10.10.10.2 in network without Internet connection - only WiFi 2 peers AP and Android 9 Google Pixel One device. I've created network_security_config.xml with my cert…
atlascoder
  • 2,746
  • 3
  • 26
  • 34
2
votes
0 answers

System.err: javax.net.ssl.SSLPeerUnverifiedException: Hostname XXX not verified even after adding in network-security-config

I have added network security config in manifest, but I am still getting hostname not verified error. android:networkSecurityConfig="@xml/network_security_config"
vinb
  • 113
  • 5
1
vote
0 answers

Untitled download occure when I try to download from a local server

I run an android app that let me download file from an URL, I used download manager to download the files, it works just fine when I use a public URL server from the internet but when I use my local server it doesn't download the file and give me…
BOUCHEFIRAT Loukmane
  • 11
  • 1
1
2 3 4