I have an app with ionic and cordova. the network_security_config.xml file as follows:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">xxxxxxxxx</domain>
<pin-set expiration="2021-07-01">
<pin digest="SHA-256">aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa=</pin>
<!-- backup pin -->
<pin digest="SHA-256">bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb=</pin>
</pin-set>
</domain-config>
</network-security-config>
and the AndroidManifest file added with the value: android: networkSecurityConfig = "# xml / network_security_config"
The problem is that the two pins in the network_security_configuration file are incorrect and still the API call is successful. Some brilliant mind that sees where is the error that I am not seeing?
Related
// domain name
<domain-config cleartextTrafficPermitted="true">
<domain tools:ignore="NetworkSecurityConfig">org.dukehealth.colectiv</domain>
<trust-anchors>
<!--<certificates src="user" />-->
<certificates src="system" />
</trust-anchors>
<pin-set expiration=" Monday, 9 December, 2052"
tools:ignore="NetworkSecurityConfig">
<pin digest="SHA-256"
tools:ignore="NetworkSecurityConfig">89:0B:5E:8E:D3:62:BC=</pin>
<!-- Backup Pin for: currency-converter-demo.pdm.approov.io -->
<pin digest="SHA-256"
tools:ignore="NetworkSecurityConfig">89:0B:5E:8E:D3:62:BC:E0:F5:20:78:7E:CA:1</pin>
</pin-set>
<!-- TrustKit Android API -->
<!-- enforce pinning validation -->
<trustkit-config enforcePinning="true" disableDefaultReportUri="true">
<!-- Add a reporting URL for pin validation reports -->
</domain-config>
your text
i got error not able to parse xml network security config i also add this to mainfest too please help
Have you added the below namespace:
xmlns:tools="http://schemas.android.com/tools"
Also you need to have network-security-config tag and xml tag in your config xml
I am able to use your config in my project.
I'm getting a Network request failed only on android simulator.
ApolloError: Network request failed
at new ApolloError (http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=myapp&modulesOnly=false&runModule=true:162987:26)
at Object.error (http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app= myapp&modulesOnly=false&runModule=true:140360:70)
at notifySubscription (http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app= myapp&modulesOnly=false&runModule=true:158462:20)
It works fine on iOS and iOS simulator.
The call is a real production server and not one hosted on my machine.
Already tried setting up android:usesCleartextTraffic="true" in the manifest.
Also whitelisted my domain in a android/app/src/main/res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">https://myserverdomain.com</domain>
<domain includeSubdomains="true">127.0.0.1</domain>
<domain includeSubdomains="true">10.0.0.1</domain>
<domain includeSubdomains="true">localhost</domain>
</domain-config>
</network-security-config>
what am I missing here ?
Solved!
First thing to know, if using Axios, it adds headers to the request.
Also, my android .env variable where was stored the url didn't work.
I was trying to communicate with my server using Axios. I checked it worked well in the same URL, same body data in Postman. However, in most conditions, the application doesn't make an HTTP call - It only works when I turn on network inspector in react-native-debugger with debug mode. make a bunch of error messages like below.
Error: Network Error at createError
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:115372:17) at EventTarget.handleError
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:115282:16) at EventTarget.dispatchEvent
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:33554:27) at EventTarget.setReadyState
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:32692:20) at EventTarget.__didCompleteResponse
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:32500:16) at http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:32616:47 at RCTDeviceEventEmitter.emit
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:2310:37) at MessageQueue.__callFunction
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:3348:31) at http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:3076:17 at MessageQueue.__guard
(http://localhost:8081/index.bundle?platform=android&dev=true&minify=false&app=com.wheelie&modulesOnly=false&runModule=true:3302:13)
I read the article that android network policy may be the reason. I changed the AndroidManifest.xml below. Then I checked there is http:// or https:// in a domain, and there was no problem with the domain. Finally, I added network_security_config.xml, but it doesn't make a change.
I use my physical android phone(galaxy A50, android 11) instead of AVD. targetSdkVersion and complieSdkVersion are also API 30, minSdkVersion is 22.
postLogIn
export function postLogIn(authorizationInfo: WheelieAuthorizationInfo) {
return axios.post<{
statusCode: number;
token: string;
}>(`${domain}/account/login`, authorizationInfo);
}
app/src/debug/AndrodiManifest.xml
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools">
<uses-permission android:name="android.permission.SYSTEM_ALERT_WINDOW"/>
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<application
android:usesCleartextTraffic="true"
android:networkSecurityConfig="#xml/network_security_config"
tools:targetApi="28"
tools:ignore="GoogleAppIndexingWarning">
<activity android:name="com.facebook.react.devsupport.DevSettingsActivity" />
</application>
</manifest>
network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true">
<trust-anchors>
<certificates src="system" />
<certificates src="user" />
</trust-anchors>
</base-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">10.0.2.2</domain>
</domain-config>
</network-security-config>
I solved this problem two days ago by adding network_security_config.xml and network certificates(*.pem) for my backend API server.
References: Andorid Dev Network Security Configuration
First, add a custom networking security setting in AndroidManifest.xml
...
<application
...
android:networkSecurityConfig="#xml/network_security_config">
Second, make ./android/app/src/main/res/xml/network_security_config.xml
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config>
<domain includeSubdomains="true">pedalers.net</domain>
<trust-anchors>
<certificates src="#raw/my_ca"/>
</trust-anchors>
</domain-config>
<domain-config cleartextTrafficPermitted="true">
<!-- Without localhost setting, it's unable to connect metro with app. -->
<domain includeSubdomains="true">127.0.0.1</domain>
<!-- For physical phone, 10.0.0.1 is the address connect to computer -->
<domain includeSubdomains="true">10.0.0.1</domain>
<!-- For AVD, 10.0.2.2 is the address connect to computer -->
<domain includeSubdomains="true">localhost</domain>
</domain-config>
</network-security-config>
Third, add the self-signed or non-public CA certificate, in PEM or DER format, to res/raw/my_ca.
I need to get a JSON response from an IP address (No Domain Name connected), but flutter 2.0 doesn't allow HTTP, so I followed this answer to enable it, but the problem I face is I dont have domain name, to replace here:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">api.example.com</domain>
</domain-config>
</network-security-config>
I tried replacing with IP but it throws error that IP is not recognised as domain name.
<domain includeSubdomains="true">x.x.x.x</domain> #doesn't work
Any solution to allow HTTP traffic from IP address.
PS: I know its unsafe.
EDIT:
I tried this methods:
Setting res/xml/network_security_config.xml:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true" />
</network-security-config>
Doesn't work.
Setting res/xml/network_security_config.xml:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">65.0.XX.136</domain>
</domain-config>
</network-security-config>
Doesn't Work.
Setting android:usesCleartextTraffic="true" in application tag of AndroidManifest.xml.
Doesn't work.
I am using a http://something API for the login process. But could't get a hit on API in Android 10. For rest of the version, the API is working fine.
First of all, I was getting SocketTimeoutException. Then I tried following solutions.
1) Added below attribute to <application> in Manifest.
android:usesCleartextTraffic="true"
Result: Still getting SocketTimeoutException.
2) Then I added networkSecurityConfig:
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">project.dev.company:6001/</domain>
<trust-anchors>
<certificates src="system"/>
</trust-anchors>
</domain-config>
</network-security-config>
Result : UnknownServiceException : CLEARTEXT communication to project.dev.company:6001/ is not permitted by network security policy.
3) Also tried permitting CLEARTEXT in <base-config>. Still getting SocketTimeoutException.
How can I permit my app to access a HTTP connection from Android 10? I am using Retrofit2 for network calling.
Use this codes in your xml file
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">project.dev.company</domain>
</domain-config>
</network-security-config>
and use this codes in manifest:
android:usesCleartextTraffic="true"
android:networkSecurityConfig="#xml/network_security_configuration"
dont need any "/" and port in domain,just use like me
Edited:
you can use IP of your api host,like this:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">192.168.1.1</domain>
</domain-config>
</network-security-config>