Package libcore.net

Class NetworkSecurityPolicy

  • public class NetworkSecurityPolicy
extends Object
    Network security policy for this process/application.

    Network stacks/components are expected to honor this policy. Components which can use the Android framework API should be accessing this policy via the framework's android.security.NetworkSecurityPolicy instead of via this class.

    The policy currently consists of a single flag: whether cleartext network traffic is permitted. See isCleartextTrafficPermitted().

    • Constructor Detail

      • NetworkSecurityPolicy

        public NetworkSecurityPolicy()

    • Method Detail

      • isCleartextTrafficPermitted

        public static boolean isCleartextTrafficPermitted()
        Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for this process.

        When cleartext network traffic is not permitted, the platform's components (e.g. HTTP stacks, WebView, MediaPlayer) will refuse this process's requests to use cleartext traffic. Third-party libraries are encouraged to do the same.

        This flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from an application given the level of access provided to applications on Android. For example, there's no expectation that Socket API will honor this flag. Luckily, most network traffic from apps is handled by higher-level network stacks which can be made to honor this flag. Platform-provided network stacks (e.g. HTTP and FTP) honor this flag from day one, and well-established third-party network stacks will eventually honor it.

        See FtpURLConnection for an example of honoring this flag.

      • setCleartextTrafficPermitted

        public static void setCleartextTrafficPermitted​(boolean permitted)
        Sets whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for this process.
        See Also:
        isCleartextTrafficPermitted()