usesCleartextTraffic in the Android manifest file
The attribute `android:usesCleartextTraffic="true"` in the Android manifest file is used to specify whether an application intends to use network traffic that is not encrypted via SSL/TLS. This setting applies to both HTTP and other clear text traffic from the app.
Here’s how it works:
-
**
android:usesCleartextTraffic="true"**: This allows the app to use clear text network traffic, such as HTTP, in all parts of the app. This setting is not recommended for production as it can expose sensitive data to potential interception by attackers. -
**
android:usesCleartextTraffic="false"**: This restricts the app from using clear text network traffic and enforces the use of encrypted traffic such as HTTPS. It’s the recommended setting for enhancing the security of the app.
The attribute is part of the `
<application android:label="@string/app_name" android:icon="@drawable/ic_launcher" android:usesCleartextTraffic="true"> ... </application>
If this attribute is not explicitly set, the default behavior varies by platform version:
-
On Android 9 (API level 28) and above, the default is
false. -
On Android 8.1 (API level 27) and below, the default is
true.
For better security, it's advisable to handle data securely by using HTTPS and setting `android:usesCleartextTraffic` to `false` unless there is a specific reason that necessitates using clear text traffic.
Written by Anonymous
Career insights & tech expertise
Life Beyond the Job Search
While you're building your career, don't forget about the practical aspects of life. Whether you're relocating for a new job or just need to declutter, Bharath Surplus can help you with all your life needs.
Also explore Bharath Surplus for buying, selling, and auction opportunities