Stay organized with collections
Save and categorize content based on your preferences.
NetworkSecurityPolicy
open class NetworkSecurityPolicy
Network security policy.
Network stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.
Summary
| Public methods |
| open static NetworkSecurityPolicy! |
Gets the policy for this process.
|
| open Boolean |
Returns true if Certificate Transparency information is required to be verified by the client in TLS connections to hostname.
|
| open Boolean |
Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.
|
| open Boolean |
Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with
|
Public methods
getInstance
open static fun getInstance(): NetworkSecurityPolicy!
Gets the policy for this process.
It's fine to cache this reference. Any changes to the policy will be immediately visible through the reference.
isCertificateTransparencyVerificationRequired
open fun isCertificateTransparencyVerificationRequired(hostname: String): Boolean
Returns true if Certificate Transparency information is required to be verified by the client in TLS connections to hostname.
See RFC6962 section 3.3 for more details.
| Parameters |
hostname |
String: hostname to check whether certificate transparency verification is required This value cannot be null. |
| Return |
Boolean |
true if certificate transparency verification is required and false otherwise |
isCleartextTrafficPermitted
open fun isCleartextTrafficPermitted(): Boolean
Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.
When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and FTP stacks, android.app.DownloadManager, android.media.MediaPlayer) will refuse this process's requests to use cleartext traffic. Third-party libraries are strongly encouraged to honor this setting as well.
This flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from Android applications given the level of access provided to them. For example, there's no expectation that the java.net.Socket API will honor this flag because it cannot determine whether its traffic is in cleartext. However, most network traffic from applications is handled by higher-level network stacks/components which can honor this aspect of the policy.
NOTE: android.webkit.WebView honors this flag for applications targeting API level 26 and up.
isCleartextTrafficPermitted
open fun isCleartextTrafficPermitted(hostname: String!): Boolean
Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with hostname for this process.
Content and code samples on this page are subject to the licenses described in the Content License. Java and OpenJDK are trademarks or registered trademarks of Oracle and/or its affiliates.
Last updated 2025-03-13 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-13 UTC."],[],[],null,["# NetworkSecurityPolicy\n\nAdded in [API level 23](https://developer.android.com/guide/topics/manifest/uses-sdk-element.html#ApiLevels)\n\nNetworkSecurityPolicy\n=====================\n\n*** ** * ** ***\n\nKotlin \\|[Java](/reference/android/security/NetworkSecurityPolicy \"View this page in Java\") \n\n```\nopen class NetworkSecurityPolicy\n```\n\n|---|---------------------------------------------|\n| [kotlin.Any](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-any/index.html) ||\n| ↳ | [android.security.NetworkSecurityPolicy](#) |\n\nNetwork security policy.\n\nNetwork stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.\n\nSummary\n-------\n\n| Public methods ||\n|-----------------------------------------------------------------------------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| open static [NetworkSecurityPolicy](#)! | [getInstance](#getInstance())`()` Gets the policy for this process. |\n| open [Boolean](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-boolean/index.html) | [isCertificateTransparencyVerificationRequired](#isCertificateTransparencyVerificationRequired(kotlin.String))`(`hostname:` `[String](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-string/index.html)`)` Returns `true` if Certificate Transparency information is required to be verified by the client in TLS connections to `hostname`. |\n| open [Boolean](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-boolean/index.html) | [isCleartextTrafficPermitted](#isCleartextTrafficPermitted())`()` Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process. |\n| open [Boolean](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-boolean/index.html) | [isCleartextTrafficPermitted](#isCleartextTrafficPermitted(kotlin.String))`(`hostname:` `[String](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-string/index.html)!`)` Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with |\n\nPublic methods\n--------------\n\n### getInstance\n\nAdded in [API level 23](https://developer.android.com/guide/topics/manifest/uses-sdk-element.html#ApiLevels) \n\n```\nopen static fun getInstance(): NetworkSecurityPolicy!\n```\n\nGets the policy for this process.\n\nIt's fine to cache this reference. Any changes to the policy will be immediately visible through the reference. \n\n### isCertificateTransparencyVerificationRequired\n\nAdded in [API level 36](https://developer.android.com/guide/topics/manifest/uses-sdk-element.html#ApiLevels) \n\n```\nopen fun isCertificateTransparencyVerificationRequired(hostname: String): Boolean\n```\n\nReturns `true` if Certificate Transparency information is required to be verified by the client in TLS connections to `hostname`.\n\nSee RFC6962 section 3.3 for more details.\n\n| Parameters ||\n|------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|\n| `hostname` | [String](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-string/index.html): hostname to check whether certificate transparency verification is required This value cannot be `null`. |\n\n| Return ||\n|------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|\n| [Boolean](https://kotlinlang.org/api/latest/jvm/stdlib/kotlin/-boolean/index.html) | `true` if certificate transparency verification is required and `false` otherwise |\n\n### isCleartextTrafficPermitted\n\nAdded in [API level 23](https://developer.android.com/guide/topics/manifest/uses-sdk-element.html#ApiLevels) \n\n```\nopen fun isCleartextTrafficPermitted(): Boolean\n```\n\nReturns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.\n\nWhen cleartext network traffic is not permitted, the platform's components (e.g. HTTP and FTP stacks, [android.app.DownloadManager](../app/DownloadManager.html#), [android.media.MediaPlayer](../media/MediaPlayer.html#)) will refuse this process's requests to use cleartext traffic. Third-party libraries are strongly encouraged to honor this setting as well.\n\nThis flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from Android applications given the level of access provided to them. For example, there's no expectation that the [java.net.Socket](../../java/net/Socket.html#) API will honor this flag because it cannot determine whether its traffic is in cleartext. However, most network traffic from applications is handled by higher-level network stacks/components which can honor this aspect of the policy.\n\nNOTE: [android.webkit.WebView](../webkit/WebView.html#) honors this flag for applications targeting API level 26 and up. \n\n### isCleartextTrafficPermitted\n\nAdded in [API level 24](https://developer.android.com/guide/topics/manifest/uses-sdk-element.html#ApiLevels) \n\n```\nopen fun isCleartextTrafficPermitted(hostname: String!): Boolean\n```\n\nReturns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with `hostname` for this process. \n**See Also**\n\n- \u003c#isCleartextTrafficPermitted()\u003e"]]
