Why am I seeing net ERR CLEARTEXT NOT PERMITTED errors after upgrading to Cordova Android 8

Question

After upgrading to Cordova Android 8 0  I am seeing net  ERR CLEARTEXT NOT PERMITTED errors when trying to connect to http    targets   Why is that and how can I resolve this

User · Answer

Just add this line to platforms android app src main AndroidManifest xml file  lt application android hardwareAccelerated  quot true quot  android icon  quot  mipmap ic launcher quot  android label  quot  string app name quot  android supportsRtl  quot true quot  android usesCleartextTraffic  quot true quot  gt

User · Answer

After reading the whole discussion looking for a way to authorize communication to all IP addresses as in my case the IP address to where the request will be sent is defined by the user in an input text and can not be defined in the configuration file  Here is how I resolved the issue here are the configuration config xml  lt platform name  quot android quot  gt               lt edit-config file  quot app src main AndroidManifest xml quot  mode  quot merge quot  target  quot  manifest application quot  xmlns android  quot http   schemas android com apk res android quot  gt               lt application android networkSecurityConfig  quot  xml network security config quot    gt           lt  edit-config gt           lt resource-file src  quot resources android xml network security config xml quot  target  quot app src main res xml network security config xml quot    gt       lt  platform gt   resources android xml network security config xml  lt  xml version  quot 1 0 quot  encoding  quot utf-8 quot   gt   lt network-security-config gt       lt base-config cleartextTrafficPermitted  quot true quot    gt   lt  network-security-config gt   The most important piece of code is  lt base-config cleartextTrafficPermitted  quot true quot    gt  in  lt network-security-config gt  instead of domain-config

User · Answer

Following is the solution which worked for me  The files which I updated are as follows    config xml  Full Path   config xml  network security config xml  Full Path   resources android xml network security config xml    Changes in the corresponding files are as follows   1  config xml  I have added  lt application android usesCleartextTraffic  true    gt  tag within  lt edit-config gt  tag in the config xml file   lt platform name  android  gt       lt edit-config file  app src main AndroidManifest xml  mode  merge  target   manifest application  xmlns android  http   schemas android com apk res android  gt           lt application android usesCleartextTraffic  true    gt           lt application android networkSecurityConfig   xml network security config    gt       lt  edit-config gt           lt platform name  android  gt    2  network security config xml  In this file I have added 2  lt domain gt  tag within  lt domain-config gt  tag  the main domain and a sub domain as per my project requirement   lt  xml version  1 0  encoding  utf-8   gt   lt network-security-config gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain includeSubdomains  true  gt mywebsite in lt  domain gt           lt domain includeSubdomains  true  gt api mywebsite in lt  domain gt       lt  domain-config gt   lt  network-security-config gt    Thanks  Ashutosh for the providing the help   Hope it helps

User · Answer

If You have Legacy Cordova framework having issues with NPM and Cordova command  I would suggest the below option   Create file android res xml network security config xml -       lt  xml version  1 0  encoding  utf-8   gt       lt network-security-config gt       lt base-config cleartextTrafficPermitted  true    gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain includeSubdomains  true  gt Your URL ex  127 0 0 1  lt  domain gt       lt  domain-config gt       lt  network-security-config gt    AndroidManifest xml -       lt  xml version  1 0  encoding  utf-8   gt       lt manifest     gt           lt uses-permission android name  android permission INTERNET    gt           lt application                             android networkSecurityConfig   xml network security config                  gt                           lt  application gt       lt  manifest gt

User · Answer

There are two things to correct in config xml So the right answer should be adding the xmls android    lt widget id  com my awesomeapp  version  1 0 0   xmlns  http   www w3 org ns widgets  xmlns android  http   schemas android com apk res android   xmlns cdv  http   cordova apache org ns 1 0  gt    plus editing the config to allow    lt platform name  android  gt     lt edit-config file  app src main AndroidManifest xml  mode  merge  target   manifest application  gt         lt application android usesCleartextTraffic  true    gt     lt  edit-config gt   lt  platform gt    If step 1 is avoided error  unbound prefix  will appear

User · Answer

Adding the following attribute within the opening  lt  widget   tag worked for me  Simple and live reloads correctly on a Android 9 emulator   xmlns android  http   schemas android com apk res android    lt widget id  com my awesomeapp  version  1 0 0   xmlns  http   www w3 org ns widgets  xmlns android  http   schemas android com apk res android   xmlns cdv  http   cordova apache org ns 1 0  gt

User · Answer

you should add   lt base-config cleartextTrafficPermitted  true  gt       lt trust-anchors gt           lt certificates src  system    gt       lt  trust-anchors gt   lt  base-config gt    to      resources android xml network security config xml   like this   lt network-security-config gt   lt base-config cleartextTrafficPermitted  true  gt       lt trust-anchors gt           lt certificates src  system    gt       lt  trust-anchors gt   lt  base-config gt    lt domain-config cleartextTrafficPermitted  true  gt       lt domain includeSubdomains  true  gt localhost lt  domain gt   lt  domain-config gt   lt  network-security-config gt

User · Answer

I ran into this problem myself today  and found a really nifty plugin that will save you the hassle of trying to manually allow cleartext traffic in Android 9  for your Apache Cordova application  Simply install cordova-plugin-cleartext  and the plugin should take care of all the behind the scenes Android stuff for you     cordova plugin add cordova-plugin-cleartext   cordova prepare   cordova run android

User · Answer

Old ionic cli  4 2  was causing issue in my case  update to 5 solve the problem

User · Answer

Der Hochstapler thanks for the solution  but in IONIC 4 some customization in project config xml work for me     Add a line in Widget tag   lt widget id  com my awesomeapp  version  1 0 0   xmlns  http   www w3 org ns widgets  xmlns android  http   schemas android com apk res android   xmlns cdv  http   cordova apache org ns 1 0  gt    after this  in the Platform tag for android customize some lines check below add usesCleartextTraffic true after networkSecurityConfig and resource-file tags    lt platform name  android  gt           lt edit-config file  app src main AndroidManifest xml  mode  merge  target   manifest application  xmlns android  http   schemas android com apk res android  gt               lt application android networkSecurityConfig   xml network security config    gt           lt  edit-config gt           lt resource-file src  resources android xml network security config xml  target  app src main res xml network security config xml    gt           lt edit-config file  AndroidManifest xml  mode  merge  target   manifest application  gt               lt application android usesCleartextTraffic  true    gt           lt  edit-config gt       lt  platform gt

User · Answer

To solve the problem there s other option   in file resources android xml network security config xml  insert    lt network-security-config gt      lt base-config cleartextTrafficPermitted  true  gt          lt trust-anchors gt              lt certificates src  system    gt          lt  trust-anchors gt      lt  base-config gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain gt localhost lt  domain gt           lt domain includeSubdomains  true  gt 192 168 7 213 8733 lt  domain gt       lt  domain-config gt   lt  network-security-config gt    Im my case I  m using IP address then base-config is necessary  but if you have a domain  just add the domain

User · Answer

The default API level in the Cordova Android platform has been upgraded  On an Android 9 device  clear text communication is now disabled by default   To allow clear text communication again  set the android usesCleartextTraffic on your application tag to true    lt platform name  android  gt     lt edit-config file  app src main AndroidManifest xml  mode  merge  target   manifest application  gt         lt application android usesCleartextTraffic  true    gt     lt  edit-config gt   lt  platform gt    As noted in the comments  if you have not defined the android XML namespace previously  you will receive an error  unbound prefix during build  This indicates that you need to add it to your widget tag in the same config xml  like so    lt widget id  you-app-id  version  1 2 3  xmlns  http   www w3 org ns widgets   xmlns android  http   schemas android com apk res android  xmlns cdv  http   cordova apache org ns 1 0  gt

User · Answer

After a few days of struggle  this works for me  and I hope this also works for you   add this to your CONFIG XML  top of your code      lt access origin       gt   lt allow-navigation href       gt    and this  under the platform android    lt edit-config file  app src main AndroidManifest xml      mode  merge  target   manifest application      xmlns android  http   schemas android com apk res android  gt        lt application android usesCleartextTraffic  true    gt        lt application android networkSecurityConfig   xml network security config    gt    lt  edit-config gt    lt resource-file src  resources android xml network security config xml    target  app src main res xml network security config xml    gt    add the follow code to this file  resources android xml network security config xml     lt  xml version  1 0  encoding  utf-8   gt   lt network-security-config gt       lt base-config cleartextTrafficPermitted  true  gt           lt trust-anchors gt               lt certificates src  system    gt           lt  trust-anchors gt       lt  base-config gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain includeSubdomains  true  gt localhost lt  domain gt           lt domain includeSubdomains  true  gt YOUR DOMAIN HERE IP lt  domain gt       lt  domain-config gt   lt  network-security-config gt

User · Answer

We are using the cordova-custom-config plugin to manage our Android configuration   In this case the solution was to add a new custom-preference to our config xml        lt platform name  android  gt            lt preference name  orientation  value  portrait    gt            lt  --     other settings     -- gt            lt  -- Allow http connections  by default Android only allows https  -- gt           lt  -- See  https   stackoverflow com questions 54752716  -- gt           lt custom-preference             name  android-manifest application  android usesCleartextTraffic              value  true    gt        lt  platform gt    Does anybody know how to do this only for development builds   I would be happy for release builds to leave this setting false    I see the iOS configuration offers buildType  debug  for that  but I m not sure if this applies to Android configuration

User · Answer

Im using IONIC 5 4 13  cordova 9 0 0  cordova-lib 9 0 1   I might be repeating information but for me problem started appearing after adding some plugin  not sure yet   I tried all above combinations  but nothing worked  It only started working after adding       lt base-config cleartextTrafficPermitted  true  gt          lt trust-anchors gt              lt certificates src  system    gt          lt  trust-anchors gt      lt  base-config gt    to file in project at     resources android xml network security config xml   so my network security config xml file now looks like    lt  xml version  1 0  encoding  utf-8   gt   lt network-security-config gt      lt base-config cleartextTrafficPermitted  true  gt          lt trust-anchors gt              lt certificates src  system    gt          lt  trust-anchors gt      lt  base-config gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain includeSubdomains  true  gt localhost lt  domain gt           lt domain includeSubdomains  true  gt 10 1 25 10 lt  domain gt       lt  domain-config gt   lt  network-security-config gt    Thanks to all

User · Answer

Cleartext here represents unencrypted information  Since Android 9  it is recommended that apps should call HTTPS APIs to make sure there is no eves dropping   However  if we still need to call HTTP APIs  we can do following   Platform  Ionic 4  Create a file named  network security config xml under project-root resources android xml  Add following lines    lt  xml version  1 0  encoding  utf-8   gt   lt network-security-config gt      lt domain-config cleartextTrafficPermitted  true  gt        lt domain gt ip-or-domain-name lt  domain gt      lt  domain-config gt   lt  network-security-config gt    Now in project-root config xml  update following lines    lt platform name  android  gt       lt edit-config file  app src main AndroidManifest xml  mode  merge  target   manifest application  xmlns android  http   schemas android com apk res android  gt           lt application android usesCleartextTraffic  true    gt           lt application android networkSecurityConfig   xml network security config    gt       lt  edit-config gt          other statements      It should work now

User · Answer

In an Ionic 4 capacitor project  when I packaged and deployed to android phone for testing I got this error  Resolved by re-installing capacitor and updating android platform   npm run build --prod --release npx cap copy npm install --save  capacitor core  capacitor cli npx cap init npx cap update android npx cap open android

User · Answer

Following solution worked for me-  goto resources android xml network security config xml Change it to-   lt  xml version  1 0  encoding  utf-8   gt   lt network-security-config gt       lt domain-config cleartextTrafficPermitted  true  gt           lt domain includeSubdomains  true  gt localhost lt  domain gt           lt domain includeSubdomains  true  gt api example com to be adjusted  lt  domain gt       lt  domain-config gt   lt  network-security-config gt

[android] Why am I seeing net::ERR_CLEARTEXT_NOT_PERMITTED errors after upgrading to Cordova Android 8?

Examples related to android

Examples related to cordova