Android 7.0 intorduced Network Security Config to support use custom CAs, but how Cordova support that? I can not find any hint from docs of Cordova.
Asked
Active
Viewed 1.5k times
3 Answers
22
You can achieve this by adding the edit-config tag to the Android platform in your config.xml, this is supported by Cordova Android Plugin v7.0.
You will need to create the Network Security Config file that you would create for a native Android application using the examples from Google.
Next in the Cordova config.xml you can use the edit-config tag to add the networkSecurityConfig attribute to the Application tag. Then you just need to copy the Network Security Config file as a resource for your application to the res/xml directory.
Here is an example of how this might look in your applications config.xml
...
<platform name="android">
<edit-config xmlns:android="http://schemas.android.com/apk/res/android" file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
<application android:networkSecurityConfig="@xml/network_security_config" />
</edit-config>
<resource-file src="network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" />
</platform>
...
James Jones
- 1,486
- 1
- 12
- 22
-
2create the network_security_config.xml file at the root (same with config.xml path), and fill with this: `
-
1or fix the src:
– executor Aug 22 '20 at 04:44
5
What James answered works but if you have an application where you can't specify a domain or wants to allow clear text traffic for all domains, we need to set android:usesCleartextTraffic="true" in platforms/android/app/src/main/AndroidManifest.xml in <application> tag.
Because, in Android P (version 9, API level 28), cleartext support is by default disabled. To achieve this, just add the following in your config.xml inside <platform name="android">:
<edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
<application android:usesCleartextTraffic="true" />
</edit-config>
Shashank Agrawal
- 25,161
- 11
- 89
- 121
-
this is not work to me then i change to `android:cleartextTrafficPermitted="true"` still does not work, any one can help ? – ana Jul 22 '19 at 04:57
-
@ana You can add this to your security config xml file for Android. ex. ```
akamaihd.net ``` -
3I had to add the android namespace definition for this to work: ```
-
This should work, but it's not. The easiest possible fix is to lower the sdk version to something <= 27. Example: `
`, then run `cordova prepare android`. (Forgot to mention, I'm using cordova-android version 8.0.0) – Lothre1 Jan 31 '20 at 09:26 -
-
My security config file is always overwritten after running the command 'ionic cordova run android' when i try to add something. – Tijl .Reynhout May 09 '20 at 10:14
-
-
I already fixed it. In ionic 5 adding cleartext permitted and not using the network config file does the trick – Tijl .Reynhout May 09 '20 at 20:04
0
I am using Cordova 11 with android sdk 30. Just using the
<application android:usesCleartextTraffic="true" /> didn't
work for me. XHR Requests to non https urls just reported 'Error'.
I got it working with the following:
In config.xml I added:
<platform name="android">
<edit-config xmlns:android="http://schemas.android.com/apk/res/android" file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
<application android:networkSecurityConfig="@xml/network_security_config" />
</edit-config>
<resource-file src="res/xml/network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" />
</platform>
Contents of res/xml/network_security_config.xml :
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain>10.1.36.67</domain>
</domain-config>
</network-security-config>
Note the use of the local res/xml folder for the network_security_config.xml file. Placing it in the main platform/app directory won't work and will result in the file being overwritten anyway.
William
- 1
- 3