How to fix 'Cleartext HTTP traffic to x not permitted' in xamarin android

Question

I have an issue in my application Cleartext HTTP traffic to x not permitted.

I've already tried putting android:usesCleartextTraffic="true" in my manifest. But i want to change "android:usesCleartextTraffic" flag to "false" to prevent unencrypted traffic from being sent.

How to solve this?

Answer 1

Assuming you are accessing a server that doesn't support HTTPS, then you can create exceptions in your network security config. You can create a file net_sec_conf.xml like this:

<?xml version="1.0" encoding="utf-8" ?>
<network-security-config>
  <base-config cleartextTrafficPermitted="false">
    <trust-anchors>
      <certificates src="system" />
    </trust-anchors>
  </base-config>
  <domain-config cleartextTrafficPermitted="true">
    <domain includeSubdomains="true">api.example.org</domain>
    <trust-anchors>
      <certificates src="system" />
    </trust-anchors>
  </domain-config>
</network-security-config>

and then in manifest file add this line:

android:networkSecurityConfig="@xml/net_sec_conf"

(assuming you have put the file in xml folder). This way cleartext HTTP traffic will only be allowed for the specified domain.

Of course, if the server supports HTTPS, then you just need to change your URL "http://..." to "https://...".

Answer 2

You can fix this with one line of code. Open AssemblyInfo.cs in your android project under properties and add the code below:

[assembly: Application(UsesCleartextTraffic = true)]

Answer 3

If at some point you want to move to MAUI (which has no AssemblyInfo.cs), you might want to add UsesCleartextTraffic) to your Application attribute in Platforms/Android/MainApplication.cs:

#if DEBUG                                   // connect to local service on the
[Application(UsesCleartextTraffic = true)]  // emulator's host for debugging,
#else                                       // access via http://10.0.2.2
[Application]                               
#endif
public class MainApplication : MauiApplication
{
    ...
}

Answer 4

In Maui, expand Platforms/Android and edit MainApplication.cs.

Replace "[Application]", near the top, with "[Application(UsesCleartextTraffic = true)]"

Answer 5

This worked for .Net MAUI.

What worked for me:

1. Create a file named network_security_config.xml in Platforms\Android\Resources\xml (create the 'xml' folder if does not exist).

2. Add this configuration to the file, replace YOUR_IP_ADRESS with your machine ip adress, which you can get by running 'ipconfig' in cmd and copy the value of 'Adresse IPv4':

    <network-security-config>
        <domain-config cleartextTrafficPermitted="true">
            <domain includeSubdomains="true">YOUR_IP_ADRESS</domain>
        </domain-config>
    </network-security-config>
   

3. Go to AndroidManifest.xml right click -> open with -> XML Editor(depends on the IDE you are using) and add the following values to the application node: <application .... android:networkSecurityConfig="@xml/network_security_config" android:usesCleartextTraffic="true" ...>

4. Go to MainApplication.cs in the Platforms/Android folder and add the following code as an attribute to the class:

   ... #if DEBUG [Application(UsesCleartextTraffic = true)] // for development, #else [Application(UsesCleartextTraffic = false)] // production #endif public class MainApplication : MauiApplication ...

Happy coding!