NetworkSecurityPolicy
public
class
NetworkSecurityPolicy
extends Object
java.lang.Object | |
↳ | android.security.NetworkSecurityPolicy |
Network security policy.
Network stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.
Summary
Public methods | |
---|---|
static
NetworkSecurityPolicy
|
getInstance()
Gets the policy for this process. |
boolean
|
isCleartextTrafficPermitted(String hostname)
Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without
TLS or STARTTLS) is permitted for communicating with |
boolean
|
isCleartextTrafficPermitted()
Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process. |
Inherited methods | |||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
Public methods
getInstance
public static NetworkSecurityPolicy getInstance ()
Gets the policy for this process.
It's fine to cache this reference. Any changes to the policy will be immediately visible through the reference.
Returns | |
---|---|
NetworkSecurityPolicy |
isCleartextTrafficPermitted
public boolean isCleartextTrafficPermitted (String hostname)
Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without
TLS or STARTTLS) is permitted for communicating with hostname
for this process.
Parameters | |
---|---|
hostname |
String |
Returns | |
---|---|
boolean |
See also:
isCleartextTrafficPermitted
public boolean isCleartextTrafficPermitted ()
Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.
When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and
FTP stacks, DownloadManager
, MediaPlayer
) will
refuse this process's requests to use cleartext traffic. Third-party libraries are strongly
encouraged to honor this setting as well.
This flag is honored on a best effort basis because it's impossible to prevent all
cleartext traffic from Android applications given the level of access provided to them. For
example, there's no expectation that the Socket
API will honor this flag
because it cannot determine whether its traffic is in cleartext. However, most network
traffic from applications is handled by higher-level network stacks/components which can
honor this aspect of the policy.
NOTE: WebView
honors this flag for applications targeting API level
26 and up.
Returns | |
---|---|
boolean |