Cleartext traffic - Pre-Launch Report Security & Privacity

jhejuliana · August 27, 2019, 10:38pm

Hi! Guys!!! I’ve uploaded my app and they show me this problem…

Cleartext traffic allowed for all domains

Detected in APK 4

Your app’s Network Security Configuration allows cleartext traffic for all domains. This could allow eavesdroppers to intercept data sent by your app. If that data is sensitive or user-identifiable it could impact the privacy of your users.

Consider only permitting encrypted traffic by setting the cleartextTrafficPermitted flag to false, or adding an encrypted policy for specific domains.

So I found this message in Network security configuration

Opt out of cleartext traffic

Note: The guidance in this section applies only to apps that target Android 8.1 (API level 27) or lower. Starting with Android 9 (API level 28), cleartext support is disabled by default.

Reciently included API 28 in EAGLE and it means iI have to set enable cleartext support?

skulteti_balazs · September 18, 2019, 6:24pm

Same question

bodymindpower · September 19, 2019, 7:39am

try this:

use HTTPS instead of HTTP or / and
add this line to the Manifest: android:usesCleartextTraffic="true"

bodymindpower · September 19, 2019, 7:47am

Note: Starting with Android 9 (API 28), cleartext support is disabled by default.

jaan4 · September 20, 2019, 7:28pm

… and what was the solution, number one or two?

system · October 20, 2019, 7:28pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.