stackoom
  简体   繁体   中英

Why is cleartextTrafficPermitted tag not detected when enclosed in debug-overrides tag of my Xamarin Android network_security_config.xml file?

 原文  2021-10-04 17:48:56       android/ xamarin/ cleartext

Question

I have a Xamarin.Forms application, for which I am able to debug in cleartext (http) mode, based on the inclusion of a.network_security_config.xml file as follows:

<network-security-config>
   <base-config cleartextTrafficPermitted="true" />
</network-security-config>

However, if I move the cleartextTrafficPermitted setting inside of a debug-overrides tag as follows, I get the error "Cleartext HTTP traffic to MYSITE is not permitted."

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <debug-overrides>
      <base-config cleartextTrafficPermitted="true" />
  </debug-overrides>
</network-security-config>

My application is running in debug mode. Even though app debugging was already working and mode was Debug, just in case I tried adding debuggable:true explicitly to the application tag in my AndroidManifest.xml, and have also tried adding (Debuggable = true) as a parameter in the ApplicationAttribute over my main application class declaration, but regardless of how I set the app to be debuggable, the base-config tag seems to be ignored if it's nested inside of a debug-overrides tag. Am I doing something wrong? Is there some other way to allow for HTTP to be permitted in debug mode but not in release mode?

4 answers

solution1
 1  2021-10-04 18:03:43

This likely happens because you are referring to the debug mode of Android and Xamarin doesn't use it in its debug mode.

I cannot fully confirm this, but this is the only possible reason I can think of. As Xamarin doesn't use Java virtual machine on Android to run it likely can't use debug that is intended for this virtual machine.

solution2
 0 ACCPTED  2021-10-07 19:16:53

Changing the [Application] attribute over my Application class as follows allows me to use HTTP during debug compiles only:

#if(DEBUG)
    [Application(UsesCleartextTraffic=true)]
#else
    [Application]
#endif

solution3
 0 ACCPTED  2022-11-15 09:17:52

I would suggest you to use domain specific config.

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <!-- default config that does not allow plain text traffic -->
    <base-config cleartextTrafficPermitted="false">
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>

    <!-- Specific config for local tests (enable plain text traffic) -->
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">localhost</domain>
    </domain-config>

</network-security-config>

The debug-overrides tag, as described in the android documentation, does not take the cleartextTrafficPermitted option.

调试覆盖文档

solution4
 -1  2021-10-05 02:48:01

android:usesCleartextTraffic="true"

将此行放在清单文件的应用程序标记中。

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Which directory do it put the network_security_config.xml in Xamarin Forms app, when building to android Android P - NetworkSecurityPolicy.isCleartextTrafficPermitted false when network-security-config base-config cleartextTrafficPermitted true Android - is it safe enough to store cert hash in plain text in `network_security_config.xml`? Setting domain name of network_security_config.xml to localhost at runtime Multiple subdomains in network_security_config.xml how How I can apply a network_security_config.xml on specific variants and not in release one? Android P without TLS: network-security-config: cleartextTrafficPermitted not possible for IP (only domain) How to add network_security_config.xml to manifest in expo app without ejecting android: network security config only in debug version Why does my Android app freeze when using tag manager?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM