Android Question Cleartext traffic allowed for all domains

ThePuiu

Active Member
Licensed User
Hi,
I tried to publish in Google Play an application that communicates with a non https server. I added in the manifest file the line:
B4X:
CreateResourceFromFile(Macro, Core.NetworkClearText)

Also in the manifest tab is set targetSdkVersion="29".

The application is not supported when publishing with the message: Cleartext traffic allowed for all domains. Can only one non-https domain be specified to which the application can connect?
Is the error due to the sdk version? Can a new release version with a smaller SDK be uploaded over one with an SDK = 29?
I haven't had this problem before ...
 

drgottjr

Well-Known Member
Licensed User
it's not an "error" so much as a violation of a policy for publication at play store. you cannot allow cleartext traffic as the default. this is what occurs when you add the cleartext macro to your manifest. you have to remove that line from the manifest and create your own network security config file. in it you will add a list of url's for which your app permits cleartext. the cleartext macro refers to a network security file embedded in B4A's core, but it permits cleartext to all domains. if you don't invoke the macro, that file is ignored. if you want cleartext in an app at the play store, you need to add your own network security config file to your manifest, that is, a file which does not permit cleartext to all domains as the default.

regarding publication at play store, you need sdk29. for personal use, you can permit cleartext for all domains.
 
Upvote 0

drgottjr

Well-Known Member
Licensed User
i typed "network security config" in the search box....
this popped up

and there's always google; this is not strictly a B4A issue.
 
Upvote 0

ThePuiu

Active Member
Licensed User
I added in the manifest file the code: (after I deleted CreateResourceFromFile(Macro, Core.NetworkClearText))
B4X:
SetApplicationAttribute(android:networkSecurityConfig, @xml/network_security_config)
CreateResource(xml, network_security_config.xml,
<network-security-config>
<base-config cleartextTrafficPermitted="true">
    <trust-anchors>
        <certificates src="system" />
    </trust-anchors>
</base-config>
</network-security-config>
)

and I added a new xml folder to the solution folder. Here I added a network_security_config.xml file. This file contains:
B4X:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config cleartextTrafficPermitted="true">
       <domain includeSubdomains="true">api.domain.eu</domain>
    </domain-config>
</network-security-config>

What did I not do well because the application did not work?


LE:
After several release / debug attempts and clear project, the application works! Now I'm going to upload it to Google Play to see if it accepts it that way.
 
Last edited:
Upvote 0

ThePuiu

Active Member
Licensed User
I noticed that once a project has been created for an application with an SDK = 29, that application with a lower SDK can no longer be updated.
 
Upvote 0

drgottjr

Well-Known Member
Licensed User
good job! (with cleartext). but what are you talking about with the sdk? you said it was 29. 29 is the minimum for play store. i had to update my apps from 28 to 29 (per notice from google months ago). i have no problem doing regular updates for them once they were changed to 29. what have you done now?
 
Upvote 0

ThePuiu

Active Member
Licensed User
I didn't know that 29 is the minimum accepted by Google now, and with version 28 the application worked with CreateResourceFromFile (Macro, Core.NetworkClearText)
When I saw that I could not change the code as you told me, I tried to upload the application with SDK version = 28 ... obviously, it didn't work!
 
Upvote 0

drgottjr

Well-Known Member
Licensed User
i told you in my first post that 29 was the minimum for play store. so, just upload your app again with version 29.
you say the application works with your network security config file, so there you go. finished.

you cannot allow cleartext as the default. you can only allow it for a list of specific domains referred to in a network security config file.
sdk29 + proper network security config file = OK for play store. i don't understand what the issue is now.
 
Upvote 0
Top