Skip to content

Most visited

Recently visited

navigation

NetworkSecurityPolicy

public class NetworkSecurityPolicy
extends Object

java.lang.Object
   ↳ android.security.NetworkSecurityPolicy


Network security policy.

Network stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.

The policy currently consists of a single flag: whether cleartext network traffic is permitted. See isCleartextTrafficPermitted().

Summary

Public methods

static NetworkSecurityPolicy getInstance()

Gets the policy for this process.

boolean isCleartextTrafficPermitted(String hostname)

Returns whether cleartext network traffic (e.g.

boolean isCleartextTrafficPermitted()

Returns whether cleartext network traffic (e.g.

Inherited methods

From class java.lang.Object

Public methods

getInstance

added in API level 23
NetworkSecurityPolicy getInstance ()

Gets the policy for this process.

It's fine to cache this reference. Any changes to the policy will be immediately visible through the reference.

Returns
NetworkSecurityPolicy

isCleartextTrafficPermitted

added in API level 24
boolean isCleartextTrafficPermitted (String hostname)

Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with hostname for this process.

Parameters
hostname String

Returns
boolean

See also:

isCleartextTrafficPermitted

added in API level 23
boolean isCleartextTrafficPermitted ()

Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.

When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and FTP stacks, DownloadManager, MediaPlayer) will refuse this process's requests to use cleartext traffic. Third-party libraries are strongly encouraged to honor this setting as well.

This flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from Android applications given the level of access provided to them. For example, there's no expectation that the Socket API will honor this flag because it cannot determine whether its traffic is in cleartext. However, most network traffic from applications is handled by higher-level network stacks/components which can honor this aspect of the policy.

NOTE: WebView does not honor this flag.

Returns
boolean

This site uses cookies to store your preferences for site-specific language and display options.

Get the latest Android developer news and tips that will help you find success on Google Play.

* Required Fields

Hooray!

Browse this site in ?

You requested a page in , but your language preference for this site is .

Would you like to change your language preference and browse this site in ? If you want to change your language preference later, use the language menu at the bottom of each page.

This class requires API level or higher

This doc is hidden because your selected API level for the documentation is . You can change the documentation API level with the selector above the left navigation.

For more information about specifying the API level your app requires, read Supporting Different Platform Versions.

Take a one-minute survey?
Help us improve Android tools and documentation.