Java – How to resolve plaintext that is not allowed in aosp

How to resolve plaintext that is not allowed in aosp… here is a solution to the problem.

How to resolve plaintext that is not allowed in aosp

I know android disables plaintext by default. Can I know exactly where I can enable in aosp instead of adding all packages with network profiles?

Where can I allow by adding the following line?

cleartextTrafficPermitted=”true

External/okhttp/android/main/java/com/squareup/okttp/handler

 public static OkUrlFactory createHttpOkUrlFactory(Proxy proxy) {
        OkHttpClient client = new OkHttpClient();

 Explicitly set the timeouts to infinity.
        client.setConnectTimeout(0, TimeUnit.MILLISECONDS);
        client.setReadTimeout(0, TimeUnit.MILLISECONDS);
        client.setWriteTimeout(0, TimeUnit.MILLISECONDS);

 Set the default (same protocol) redirect behavior. The default can be overridden for
         each instance using HttpURLConnection.setInstanceFollowRedirects().
        client.setFollowRedirects(HttpURLConnection.getFollowRedirects());

 Do not permit http -> https and https -> http redirects.
        client.setFollowSslRedirects(false);

 Permit cleartext traffic only (this is a handler for HTTP, not for HTTPS).
        client.setConnectionSpecs(CLEARTEXT_ONLY);

 When we do not set the Proxy explicitly OkHttp picks up a ProxySelector using
         ProxySelector.getDefault().
        if (proxy != null) {
            client.setProxy(proxy);
        }

 OkHttp requires that we explicitly set the response cache.
        OkUrlFactory okUrlFactory = new OkUrlFactory(client);

 Use the installed NetworkSecurityPolicy to determine which requests are permitted over
         http.
        OkUrlFactories.setUrlFilter(okUrlFactory, CLEARTEXT_FILTER);

ResponseCache responseCache = ResponseCache.getDefault();
        if (responseCache != null) {
            AndroidInternal.setResponseCache(okUrlFactory, responseCache);
        }
        return okUrlFactory;
    }

private static final class CleartextURLFilter implements URLFilter {
        @Override
        public void checkURLPermitted(URL url) throws IOException {
            String host = url.getHost();
            if (! NetworkSecurityPolicy.getInstance().isCleartextTrafficPermitted(host)) {
                throw new IOException("Cleartext HTTP traffic to " + host + " not permitted");
            }
        }
    }

In any application, if I use http, I get an error message because plaintext HTTP traffic to 124.60.5.6 is not allowed”;

So not changed in the app, but can it be changed in aosp?

Solution

If you do that, it’s enough

builder.setCleartextTrafficPermitted(true);

Line 189 seems to be enough because you are using older applications that may not have any network configuration, just the default configuration.

Source: https://android.googlesource.com/platform/frameworks/base.git/+/refs/heads/master/core/java/android/security/net/config/NetworkSecurityConfig.java#189

Old answer

I hope you’ve done your homework on the impact of bypassing security features. That being said, the class responsible for the exception is NetworkSecurityConfig in the framework that packages android.security.net.config.

At the time of writing this answer, the static builder class has a property, boolean mCleartextTrafficPermittedSet, which is set to false by default. You may have to default it to true, which causes the method getEffectiveCleartextTrafficPermitted() in the NetworkSecurityConfig class to return mCleartextTrafficPermitted Returns DEFAULT_CLEARTEXT_TRAFFIC_PERMITTED as a return with the default setting to true

The process is

getEffectiveCleartextTrafficPermitted() returns mCleartextTrafficPermitted returns DEFAULT_CLEARTEXT_TRAFFIC_PERMITTED returns true by default

If this is all confusing, call setCleartextTrafficPermitted(true) on the builder when creating it.

The source code for this class is available here: https://android.googlesource.com/platform/frameworks/base.git/+/refs/heads/master/core/java/android/security/net/config/NetworkSecurityConfig.java

Note: I haven’t tried this, just went through the source code and extrapolated the above. If something is wrong, you are welcome to try to correct me.

Edit via @Shadow update:

In NetworkSecurityConfig, change the boolean variable from true to false.

   //public static final boolean DEFAULT_CLEARTEXT_TRAFFIC_PERMITTED = true;
    public static final boolean DEFAULT_CLEARTEXT_TRAFFIC_PERMITTED = false;

Also in ManifestConfigSource, comment out the following line

  /*boolean usesCleartextTraffic =
                        (mApplicationInfo.flags & ApplicationInfo.FLAG_USES_CLEARTEXT_TRAFFIC) != 0
                        && mApplicationInfo.targetSandboxVersion < 2; */

and directly apply that usesCleartextTraffic is true.

 boolean usesCleartextTraffic =true;

Related Problems and Solutions

  1. How to add operations to your Tensorflow Android build
  2. The OnClick() method does not work in a TextView
  3. Problems with FragmentActivity
  4. Field.getGenericType() returns an instance of java.lang.Class instead of Type
  5. What is the best way to determine how much time an EMR job spends on Map and Reduce tasks?
  6. Why should writable data types be mutable?
  7. FragmentTransaction animation – Displays the entry fragment above the exit fragment
  8. Android – Wrong first parameter type and ‘android.supportv4.app.fragment’