SyntaxFix

[android] Why am I seeing net::ERR_CLEARTEXT_NOT_PERMITTED errors after upgrading to Cordova Android 8?

After upgrading to Cordova Android 8.0, I am seeing net::ERR_CLEARTEXT_NOT_PERMITTED errors when trying to connect to http:// targets.

Why is that and how can I resolve this?

This question is related to android cordova

The answer is

The default API level in the Cordova Android platform has been upgraded. On an Android 9 device, clear text communication is now disabled by default.

To allow clear text communication again, set the android:usesCleartextTraffic on your application tag to true:

<platform name="android">
  <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
      <application android:usesCleartextTraffic="true" />
  </edit-config>
</platform>

As noted in the comments, if you have not defined the android XML namespace previously, you will receive an error: unbound prefix during build. This indicates that you need to add it to your widget tag in the same config.xml, like so:

<widget id="you-app-id" version="1.2.3"
xmlns="http://www.w3.org/ns/widgets" 
xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:cdv="http://cordova.apache.org/ns/1.0">

There are two things to correct in config.xml So the right answer should be adding the xmls:android:

<widget id="com.my.awesomeapp" version="1.0.0" 
xmlns="http://www.w3.org/ns/widgets"
xmlns:android="http://schemas.android.com/apk/res/android" 
xmlns:cdv="http://cordova.apache.org/ns/1.0">

plus editing the config to allow:

<platform name="android">
  <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
      <application android:usesCleartextTraffic="true" />
  </edit-config>
</platform>

If step 1 is avoided error: unbound prefix. will appear

Cleartext here represents unencrypted information. Since Android 9, it is recommended that apps should call HTTPS APIs to make sure there is no eves dropping.

However, if we still need to call HTTP APIs, we can do following:

Platform: Ionic 4

Create a file named: network_security_config.xml under project-root/resources/android/xml

Add following lines:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
   <domain-config cleartextTrafficPermitted="true">
     <domain>ip-or-domain-name</domain>
   </domain-config>
</network-security-config>

Now in project-root/config.xml, update following lines:

<platform name="android">
    <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
        <application android:usesCleartextTraffic="true" />
        <application android:networkSecurityConfig="@xml/network_security_config" />
    </edit-config>
    ... other statements...

It should work now.

To solve the problem there's other option. in file resources/android/xml/network_security_config.xml. insert:

<network-security-config>
   <base-config cleartextTrafficPermitted="true">
       <trust-anchors>
           <certificates src="system" />
       </trust-anchors>
   </base-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain>localhost</domain>
        <domain includeSubdomains="true">192.168.7.213:8733</domain>
    </domain-config>
</network-security-config>

Im my case I´m using IP address then base-config is necessary, but if you have a domain. just add the domain.

I ran into this problem myself today, and found a really nifty plugin that will save you the hassle of trying to manually allow cleartext traffic in Android 9+ for your Apache Cordova application. Simply install cordova-plugin-cleartext, and the plugin should take care of all the behind the scenes Android stuff for you.

$ cordova plugin add cordova-plugin-cleartext
$ cordova prepare
$ cordova run android

After a few days of struggle, this works for me, and I hope this also works for you.

add this to your CONFIG.XML, top of your code. 

<access origin="*" />
<allow-navigation href="*" />

and this, under the platform android.

<edit-config file="app/src/main/AndroidManifest.xml" 
   mode="merge" target="/manifest/application" 
   xmlns:android="http://schemas.android.com/apk/res/android">
     <application android:usesCleartextTraffic="true" />
     <application android:networkSecurityConfig="@xml/network_security_config" />
 </edit-config>
 <resource-file src="resources/android/xml/network_security_config.xml" 
 target="app/src/main/res/xml/network_security_config.xml" />

add the follow code to this file "resources/android/xml/network_security_config.xml".

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true">
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </base-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">localhost</domain>
        <domain includeSubdomains="true">YOUR DOMAIN HERE/IP</domain>
    </domain-config>
</network-security-config>

enter image description here

enter image description here

Adding the following attribute within the opening < widget > tag worked for me. Simple and live reloads correctly on a Android 9 emulator. xmlns:android="http://schemas.android.com/apk/res/android"

<widget id="com.my.awesomeapp" version="1.0.0" 
xmlns="http://www.w3.org/ns/widgets"
xmlns:android="http://schemas.android.com/apk/res/android" 
xmlns:cdv="http://cordova.apache.org/ns/1.0">

Im using IONIC 5.4.13, cordova 9.0.0 ([email protected])

I might be repeating information but for me problem started appearing after adding some plugin (not sure yet). I tried all above combinations, but nothing worked. It only started working after adding:

   <base-config cleartextTrafficPermitted="true">
       <trust-anchors>
           <certificates src="system" />
       </trust-anchors>
   </base-config>

to file in project at

resources/android/xml/network_security_config.xml

so my network_security_config.xml file now looks like:

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
   <base-config cleartextTrafficPermitted="true">
       <trust-anchors>
           <certificates src="system" />
       </trust-anchors>
   </base-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">localhost</domain>
        <domain includeSubdomains="true">10.1.25.10</domain>
    </domain-config>
</network-security-config>

Thanks to all.

Following is the solution which worked for me. The files which I updated are as follows:

  1. config.xml (Full Path: /config.xml)
  2. network_security_config.xml (Full Path: /resources/android/xml/network_security_config.xml)

Changes in the corresponding files are as follows:

1. config.xml

I have added <application android:usesCleartextTraffic="true" /> tag within <edit-config> tag in the config.xml file

<platform name="android">
    <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
        <application android:usesCleartextTraffic="true" />
        <application android:networkSecurityConfig="@xml/network_security_config" />
    </edit-config>
    ...
<platform name="android">

2. network_security_config.xml

In this file I have added 2 <domain> tag within <domain-config> tag, the main domain and a sub domain as per my project requirement

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">mywebsite.in</domain>
        <domain includeSubdomains="true">api.mywebsite.in</domain>
    </domain-config>
</network-security-config>

Thanks @Ashutosh for the providing the help.

Hope it helps.

you should add

<base-config cleartextTrafficPermitted="true">
    <trust-anchors>
        <certificates src="system" />
    </trust-anchors>
</base-config>

to

resources/android/xml/network_security_config.xml

like this

<network-security-config>
<base-config cleartextTrafficPermitted="true">
    <trust-anchors>
        <certificates src="system" />
    </trust-anchors>
</base-config>

<domain-config cleartextTrafficPermitted="true">
    <domain includeSubdomains="true">localhost</domain>
</domain-config> </network-security-config>

Following solution worked for me-

goto resources/android/xml/network_security_config.xml Change it to-

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">localhost</domain>
        <domain includeSubdomains="true">api.example.com(to be adjusted)</domain>
    </domain-config>
</network-security-config>

After reading the whole discussion looking for a way to authorize communication to all IP addresses as in my case the IP address to where the request will be sent is defined by the user in an input text and can not be defined in the configuration file. Here is how I resolved the issue

here are the configuration

config.xml

<platform name="android">
...
        <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
            <application android:networkSecurityConfig="@xml/network_security_config" />
        </edit-config>
        <resource-file src="resources/android/xml/network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" />
...
</platform>

resources/android/xml/network_security_config.xml

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <base-config cleartextTrafficPermitted="true" />
</network-security-config>

The most important piece of code is <base-config cleartextTrafficPermitted="true" /> in <network-security-config> instead of domain-config

Old ionic cli (4.2) was causing issue in my case, update to 5 solve the problem

Just add this line to platforms/android/app/src/main/AndroidManifest.xml file

<application android:hardwareAccelerated="true" android:icon="@mipmap/ic_launcher" android:label="@string/app_name" android:supportsRtl="true" android:usesCleartextTraffic="true">

We are using the cordova-custom-config plugin to manage our Android configuration. In this case the solution was to add a new custom-preference to our config.xml:

    <platform name="android">

        <preference name="orientation" value="portrait" />

        <!-- ... other settings ... -->

        <!-- Allow http connections (by default Android only allows https) -->
        <!-- See: https://stackoverflow.com/questions/54752716/ -->
        <custom-preference
            name="android-manifest/application/@android:usesCleartextTraffic"
            value="true" />

    </platform>

Does anybody know how to do this only for development builds? I would be happy for release builds to leave this setting false.

(I see the iOS configuration offers buildType="debug" for that, but I'm not sure if this applies to Android configuration.)

@Der Hochstapler thanks for the solution.
but in IONIC 4 some customization in project config.xml work for me

Add a line in Widget tag

<widget id="com.my.awesomeapp" version="1.0.0" 
xmlns="http://www.w3.org/ns/widgets"
xmlns:android="http://schemas.android.com/apk/res/android" 
xmlns:cdv="http://cordova.apache.org/ns/1.0">

after this, in the Platform tag for android customize some lines check below
add usesCleartextTraffic=true after networkSecurityConfig and resource-file tags

 <platform name="android">
        <edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application" xmlns:android="http://schemas.android.com/apk/res/android">
            <application android:networkSecurityConfig="@xml/network_security_config" />
        </edit-config>
        <resource-file src="resources/android/xml/network_security_config.xml" target="app/src/main/res/xml/network_security_config.xml" />
        <edit-config file="AndroidManifest.xml" mode="merge" target="/manifest/application">
            <application android:usesCleartextTraffic="true" />
        </edit-config>
    </platform>

In an Ionic 4 capacitor project, when I packaged and deployed to android phone for testing I got this error. Resolved by re-installing capacitor and updating android platform.

npm run build --prod --release
npx cap copy
npm install --save @capacitor/core @capacitor/cli
npx cap init
npx cap update android
npx cap open android

If You have Legacy Cordova framework having issues with NPM and Cordova command. I would suggest the below option.

Create file android/res/xml/network_security_config.xml -

    <?xml version="1.0" encoding="utf-8"?>
    <network-security-config>
    <base-config cleartextTrafficPermitted="true" />
    <domain-config cleartextTrafficPermitted="true">
        <domain includeSubdomains="true">Your URL(ex: 127.0.0.1)</domain>
    </domain-config>
    </network-security-config>

AndroidManifest.xml -

    <?xml version="1.0" encoding="utf-8"?>
    <manifest ...>
        <uses-permission android:name="android.permission.INTERNET" />
        <application
            ...
            android:networkSecurityConfig="@xml/network_security_config"
            ...>
            ...
        </application>
    </manifest>

Source: Stackoverflow.com

Questions with android tag:

Under what circumstances can I call findViewById with an Options Menu / Action Bar item? How to implement a simple scenario the OO way My eclipse won't open, i download the bundle pack it keeps saying error log getting " (1) no such column: _id10 " error java doesn't run if structure inside of onclick listener Cannot retrieve string(s) from preferences (settings) strange error in my Animation Drawable how to put image in a bundle and pass it to another activity FragmentActivity to Fragment A failure occurred while executing com.android.build.gradle.internal.tasks Why am I seeing net::ERR_CLEARTEXT_NOT_PERMITTED errors after upgrading to Cordova Android 8? "Failed to install the following Android SDK packages as some licences have not been accepted" error Android Gradle 5.0 Update:Cause: org.jetbrains.plugins.gradle.tooling.util No Creators, like default construct, exist): cannot deserialize from Object value (no delegate- or property-based Creator WebView showing ERR_CLEARTEXT_NOT_PERMITTED although site is HTTPS WARNING: API 'variant.getJavaCompile()' is obsolete and has been replaced with 'variant.getJavaCompileProvider()' GoogleMaps API KEY for testing Can I use library that used android support with Androidx projects. How to allow all Network connection types HTTP and HTTPS in Android (9) Pie? Android Material and appcompat Manifest merger failed Deprecated Gradle features were used in this build, making it incompatible with Gradle 5.0 How to format DateTime in Flutter , How to get current time in flutter? How to change package name in flutter? Failed to resolve: com.android.support:appcompat-v7:28.0 What is AndroidX? Unable to resolve dependency for ':app@debug/compileClasspath': Could not resolve FirebaseInstanceIdService is deprecated installation app blocked by play protect Handling back button in Android Navigation Component Android design support library for API 28 (P) not working Failed to resolve: com.google.firebase:firebase-core:16.0.1 com.google.android.gms:play-services-measurement-base is being requested by various other libraries java.lang.NoClassDefFoundError:failed resolution of :Lorg/apache/http/ProtocolVersion Install Android App Bundle on device Conflict with dependency 'com.android.support:support-annotations' in project ':app'. Resolved versions for app (26.1.0) and test app (27.1.1) differ. How to develop Android app completely using python? Invoke-customs are only supported starting with android 0 --min-api 26 Flutter.io Android License Status Unknown How to open Android Device Monitor in latest Android Studio 3.1 Default interface methods are only supported starting with Android N How can I change the app display name build with Flutter? Error:(9, 5) error: resource android:attr/dialogCornerRadius not found error: resource android:attr/fontVariationSettings not found Flutter does not find android sdk Error - Android resource linking failed (AAPT2 27.0.3 Daemon #0) Error : Program type already present: android.support.design.widget.CoordinatorLayout$Behavior flutter run: No connected devices Cannot inline bytecode built with JVM target 1.8 into bytecode that is being built with JVM target 1.6 Still getting warning : Configuration 'compile' is obsolete and has been replaced with 'implementation' PANIC: Cannot find AVD system path. Please define ANDROID_SDK_ROOT (in windows 10)

Questions with cordova tag:

Why am I seeing net::ERR_CLEARTEXT_NOT_PERMITTED errors after upgrading to Cordova Android 8? Xcode couldn't find any provisioning profiles matching Cordova app not displaying correctly on iPhone X (Simulator) JAVA_HOME is set to an invalid directory: ionic 2 - Error Could not find an installed version of Gradle either in Android Studio cordova Android requirements failed: "Could not find an installed version of Gradle" Error: Could not find gradle wrapper within Android SDK. Might need to update your Android SDK - Android Ionic 2: Cordova is not available. Make sure to include cordova.js or run in a device/simulator (running in emulator) Cordova : Requirements check failed for JDK 1.8 or greater Can't accept license agreement Android SDK Platform 24 PANIC: Broken AVD system path. Check your ANDROID_SDK_ROOT value How to host material icons offline? Running Node.Js on Android cordova run with ios error .. Error code 65 for command: xcodebuild with args: Ionic android build Error - Failed to find 'ANDROID_HOME' environment variable How to Run Terminal as Administrator on Mac Pro Refused to load the script because it violates the following Content Security Policy directive ionic build Android | error: No installed build tools found. Please install the Android build tools Cordova - Error code 1 for command | Command failed for "No Content-Security-Policy meta tag found." error in my phonegap application How do you completely remove Ionic and Cordova installation from mac? Update cordova plugins in one command How to create a signed APK file using Cordova command line interface? Error: ANDROID_HOME is not set and "android" command not in your PATH. You must fulfill at least one of these conditions. How to check cordova android version of a cordova/phonegap project? 'node' is not recognized as an internal or an external command, operable program or batch file while using phonegap/cordova PhoneGap Eclipse Issue - eglCodecCommon glUtilsParamSize: unknow param errors Removing cordova plugins from the project Is there a real solution to debug cordova apps External resource not being loaded by AngularJs Build android release apk on Phonegap 3.x CLI Not showing placeholder for input type="date" field Apache Cordova - uninstall globally Error executing command 'ant' on Mac OS X 10.9 Mavericks when building for Android with PhoneGap/Cordova iOS 7 status bar overlapping UI $apply already in progress error Is there a difference between PhoneGap and Cordova commands? Phonegap Cordova installation Windows phonegap open link in browser How to add app icon within phonegap projects? Xamarin 2.0 vs Appcelerator Titanium vs PhoneGap jQuery Cross Domain Ajax HTML5 LocalStorage: Checking if a key exists load Js file in HTML How can I open a .db file generated by eclipse(android) form DDMS-->File explorer-->data--->data-->packagename-->database? jQuery Mobile: document ready vs. page events Remove attribute "checked" of checkbox Application Error - The connection to the server was unsuccessful. (file:///android_asset/www/index.html) Exit from app when click button in android phonegap? How To Save Canvas As An Image With canvas.toDataURL()?

Tags

Splash-screen Pixmap Amplitude Chirpy Purify Browser-extension Dotproject Aliases Unique-id Ports Public-members Comparison Shell-verbs Debuggervisualizer Isnullorempty Truncated Ssh-agent Msr Tcp-port Locationlistener Qt-maemo Nexusdb Open-packaging-convention Javafx Mobile-application Amqp Nshttpcookie Language-enhancement Siena Isinteger Binary-serialization Principalpermission Plasmoid Datamapper Psd Olpc Xspf Eshell Iequatable Arabic Labview Log4php Hexagonal-architecture Actionlink Children Epg Cab Execute-immediate Dynamic-rebinding Coloranimation Datapager Data-layer Preview D Navigation-style Mcrypt Activemq-cpp Android-sdcard Msf Privatefontcollection System-tables Draggable Pgp-desktop Recess Moma Sdl-opengl Junit4 Createwindowex Autofac Extract Ssh Inferred-type Xmlserializer Stm32 Cgpoint Application.cfc Updatepanelanimationexte Link-to Unordered-set Vptr Spreadsheet Javax.swing.timer Treenode Seek Unicode-escapes Adts Detail Web-project Ignoreroute Subquery-factoring Stdole Layout Time-travel Swfloader Nsmanagedobjectcontext Inamingcontainer Fluentvalidation Array-push Bundle Android-emulator