Added in API level 23

NetworkSecurityPolicy

open class NetworkSecurityPolicy
kotlin.Any
   ↳ android.security.NetworkSecurityPolicy

Network security policy.

Network stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.

Summary

Public methods
open static NetworkSecurityPolicy!

Gets the policy for this process.

open Boolean

Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.

open Boolean

Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with

Public methods

getInstance

Added in API level 23
open static fun getInstance(): NetworkSecurityPolicy!

Gets the policy for this process.

It's fine to cache this reference. Any changes to the policy will be immediately visible through the reference.

isCleartextTrafficPermitted

Added in API level 23
open fun isCleartextTrafficPermitted(): Boolean

Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for all network communication from this process.

When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and FTP stacks, android.app.DownloadManager, android.media.MediaPlayer) will refuse this process's requests to use cleartext traffic. Third-party libraries are strongly encouraged to honor this setting as well.

This flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from Android applications given the level of access provided to them. For example, there's no expectation that the java.net.Socket API will honor this flag because it cannot determine whether its traffic is in cleartext. However, most network traffic from applications is handled by higher-level network stacks/components which can honor this aspect of the policy.

NOTE: android.webkit.WebView honors this flag for applications targeting API level 26 and up.

isCleartextTrafficPermitted

Added in API level 24
open fun isCleartextTrafficPermitted(hostname: String!): Boolean

Returns whether cleartext network traffic (e.g. HTTP, FTP, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for communicating with hostname for this process.