NetworkSecurityPolicy

extends Object

java.lang.Object
↳	android.security.NetworkSecurityPolicy

Class Overview

Network security policy.

Network stacks/components should honor this policy to make it possible to centrally control the relevant aspects of network security behavior.

The policy currently consists of a single flag: whether cleartext network traffic is permitted. See isCleartextTrafficPermitted().

Summary

Public Methods
static NetworkSecurityPolicy	getInstance() Gets the policy for this process.
boolean	isCleartextTrafficPermitted() Returns whether cleartext network traffic (e.g.

[Expand]

Inherited Methods

From class java.lang.Object

Object	clone() Creates and returns a copy of this `Object`.
boolean	equals(Object o) Compares this instance with the specified object and indicates if they are equal.
void	finalize() Invoked when the garbage collector has detected that this instance is no longer reachable.
final Class<?>	getClass() Returns the unique instance of `Class` that represents this object's class.
int	hashCode() Returns an integer hash code for this object.
final void	notify() Causes a thread which is waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
final void	notifyAll() Causes all threads which are waiting on this object's monitor (by means of calling one of the `wait()` methods) to be woken up.
String	toString() Returns a string containing a concise, human-readable description of this object.
final void	wait() Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object.
final void	wait(long millis, int nanos) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.
final void	wait(long millis) Causes the calling thread to wait until another thread calls the `notify()` or `notifyAll()` method of this object or until the specified timeout expires.

Public Methods

public static NetworkSecurityPolicy getInstance ()

Added in API level 23

Gets the policy for this process.

It's fine to cache this reference. Any changes to the policy will be immediately visible through the reference.

public boolean isCleartextTrafficPermitted ()

Added in API level 23

Returns whether cleartext network traffic (e.g. HTTP, FTP, WebSockets, XMPP, IMAP, SMTP -- without TLS or STARTTLS) is permitted for this process.

When cleartext network traffic is not permitted, the platform's components (e.g. HTTP and FTP stacks, DownloadManager, MediaPlayer) will refuse this process's requests to use cleartext traffic. Third-party libraries are strongly encouraged to honor this setting as well.

This flag is honored on a best effort basis because it's impossible to prevent all cleartext traffic from Android applications given the level of access provided to them. For example, there's no expectation that the Socket API will honor this flag because it cannot determine whether its traffic is in cleartext. However, most network traffic from applications is handled by higher-level network stacks/components which can honor this aspect of the policy.

NOTE: WebView does not honor this flag.

Results

Interfaces