问题
I'm trying to connect to an embedded device with an HTTP-server which works fine on android < P (until I set targetSdkVersion 28) because there was a change that Network TLS enabled by default.
There is a way to Opt out of cleartext traffic but it seems that this is only possible for domains and not IP addresses.
I've tried to set a android:networkSecurityConfig in the Manifest with the IP instead of the domain but this didn't work:
<network-security-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">172.16.33.1</domain>
</domain-config>
</network-security-config>
Setting this as a <base-config cleartextTrafficPermitted="false"> does not work either.
So it seems that there is no way to get non-TLS communication working when not having a domain. But because this is an embedded device in the local network we do not have a domain (we only know the IP).
This seems like a major problem for all kind of embedded devices which would not be able to communicate anymore. Plus, "new apps and updates to existing apps require to target API level [28 in November 2020]" (starting in November 2018 with API 26 and advancing each year).
Any ideas how to make this possible?
回答1:
It's working with <base-config cleartextTrafficPermitted="true"> for IP addresses.
(Of course it also needs to be true not false).
回答2:
I know that this question has been answered and accepted, but if anyone needs to allow all cleartext traffic in the app (for all URLS), then the following line can be added to the application tag:
<application
...
android:usesCleartextTraffic="true">
....
</application>
If your minSdkVersion is below 23, where this attribute was introduced, Android Studio will tell you:
Attribute usesCleartextTraffic is only used in API level 23 and higher (current min is ...)
However, as far as I have experienced, the "android:usesCleartextTraffic" attribute will simply be ignored on SDK's below 23.
I hope this information can be of use to some.
来源:https://stackoverflow.com/questions/50962232/android-p-without-tls-network-security-config-cleartexttrafficpermitted-not-po