Menu
I am trying to secure WebView from cleartext traffic. As mentioned in the documentation. I have to set android:usesCleartextTraffic as false to achieve this. But this works on API level 23 and above. My minimum sdk is 22. How can I make sure app doesn't crash or create any problem on device running below API level 23 ? Or how can I programmatically set that attribute value in the application tag in Manifest.xml ?
478
In order to view remote documents from an HTTP URL, cleartext network traffic support is required. On Android 9.0 (API level 28) or higher, cleartext support is disabled by default and apps targeting Android 9.0 or higher will need to add the android:usesClearTextTraffic="true" flag in the AndroidManifest. xml file.
Similar to the App Transport Security (ATS) feature in iOS (see also best practice 6.5 Implement App Transport Security), Android 6.0 and later makes it easier to prevent an app from using cleartext network traffic (e.g., HTTP and FTP without TLS) by adding the android:usesCleartextTraffic attribute to the Android ...
xml file which will allow you to use HTTP connections in your Android application. Open the AndroidManifest. xml file and under the <application> tag, add the specific line that android:usesCleartextTraffic=”true” enables the HTTP connection, which is disabled by default after the release of Marshmallow.
android:supportsRtl="true" enables support for right-to-left languages. Without this, layout will always be left-to-right, However by itself it does not change the layout to be from right to left. It simply enables other attributes - one of those new attributes controls whether is left-to-right or right-to-left.
As suggested in an article @ Android Developers Blogspot:
You don’t have to set
minSdkVersionortargetSdkVersionof your app to 23 (Android Marshmallow) to useandroid:usesCleartextTraffic. On older platforms, this attribute is simply ignored and thus has no effect.
Hope this solves your query.
51
When you use usesCleartextTraffic in manifest, you get the following warning :
Attribute usesCleartextTraffic is only used in API level 23 and higher (current min is 19).
The default value of usesCleartextTraffic is as the following :
This attribute was added in API level 23.
This flag is ignored on Android 7.0 (API level 24) and above if an Android Network Security Config is present.
https://developer.android.com/guide/topics/manifest/application-element https://android-developers.googleblog.com/2016/04/protecting-against-unintentional.html
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
