Android 8:不允许使用明文HTTP流量 [英] Android 8: Cleartext HTTP traffic not permitted
问题描述
我收到Android 8用户的报告,称我的应用程序(使用后端供稿)不显示内容.经过调查,我发现Android 8上发生了以下异常:
I had reports from users with Android 8 that my app (that uses back-end feed) does not show content. After investigation I found following Exception happening on Android 8:
08-29 12:03:11.246 11285-11285/ E/: [12:03:11.245, main]: Exception: IOException java.io.IOException: Cleartext HTTP traffic to * not permitted
at com.android.okhttp.HttpHandler$CleartextURLFilter.checkURLPermitted(HttpHandler.java:115)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.execute(HttpURLConnectionImpl.java:458)
at com.android.okhttp.internal.huc.HttpURLConnectionImpl.connect(HttpURLConnectionImpl.java:127)
at com.deiw.android.generic.tasks.AbstractHttpAsyncTask.doConnection(AbstractHttpAsyncTask.java:207)
at com.deiw.android.generic.tasks.AbstractHttpAsyncTask.extendedDoInBackground(AbstractHttpAsyncTask.java:102)
at com.deiw.android.generic.tasks.AbstractAsyncTask.doInBackground(AbstractAsyncTask.java:88)
at android.os.AsyncTask$2.call(AsyncTask.java:333)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at android.os.AsyncTask$SerialExecutor$1.run(AsyncTask.java:245)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1162)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:636)
at java.lang.Thread.run(Thread.java:764)
(我已删除软件包名称,URL和其他可能的标识符)
(I've removed package name, URL and other possible identifiers)
在Android 7及更低版本上,一切正常,我没有在清单中设置android:usesCleartextTraffic(并且将其设置为true无济于事,无论如何这是默认值),我也不使用网络安全信息.如果我调用NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(),则对于Android 8,它会使用相同的apk文件为false返回较旧版本的true.
我试图在Google有关Android O的信息中找到对此的提及,但没有成功.
On Android 7 and lower everything works, I do not set android:usesCleartextTraffic in Manifest (and setting it to true does not help, that is the default value anyway), neither do I use Network Security Information. If I call NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(), it returns false for Android 8, true for older version, using the same apk file.
I tried to find some mention of this on Google info about Android O, but without success.
推荐答案
根据网络安全配置-
从Android 9(API级别28)开始,已禁用明文支持 默认情况下.
Starting with Android 9 (API level 28), cleartext support is disabled by default.
另请参阅- https://koz .io/android-m-and-the-war-on-cleartext-traffic/
Codelabs解释- https://codelabs.developers .google.com/codelabs/android-network-security-config/index.html
Codelabs explanation - https://codelabs.developers.google.com/codelabs/android-network-security-config/index.html
选项1-
首先尝试使用"https://"而不是"http://"来访问URL
First try hitting the URL with "https://" instead of "http://"
选项2-
创建文件res/xml/network_security_config.xml-
Create file res/xml/network_security_config.xml -
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">api.example.com(to be adjusted)</domain>
</domain-config>
</network-security-config>
AndroidManifest.xml-
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
<uses-permission android:name="android.permission.INTERNET" />
<application
...
android:networkSecurityConfig="@xml/network_security_config"
...>
...
</application>
</manifest>
选项3-
android:usesCleartextTraffic文档
AndroidManifest.xml-
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest ...>
<uses-permission android:name="android.permission.INTERNET" />
<application
...
android:usesCleartextTraffic="true"
...>
...
</application>
</manifest>
@ david.s的答案还指出,android:targetSandboxVersion也可能是一个问题-
Also as @david.s' answer pointed out android:targetSandboxVersion can be a problem too -
根据清单文档-
android:targetSandboxVersion
此应用程序要使用的目标沙箱.沙箱版本越高 数量,安全级别越高.默认值为1;你 也可以将其设置为2.将此属性设置为2可以将应用切换为 一个不同的SELinux沙箱.以下限制适用于 2级沙箱:
The target sandbox for this app to use. The higher the sandbox version number, the higher the level of security. Its default value is 1; you can also set it to 2. Setting this attribute to 2 switches the app to a different SELinux sandbox. The following restrictions apply to a level 2 sandbox:
- 网络安全配置中的
usesCleartextTraffic默认值为false. - 不允许Uid共享.
- The default value of
usesCleartextTrafficin the Network Security Config is false. - Uid sharing is not permitted.
所以选项4-
如果<manifest>中有android:targetSandboxVersion,则将其减小为1
If you have android:targetSandboxVersion in <manifest> then reduce it to 1
AndroidManifest.xml-
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?>
<manifest android:targetSandboxVersion="1">
<uses-permission android:name="android.permission.INTERNET" />
...
</manifest>
这篇关于Android 8:不允许使用明文HTTP流量的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
