- Jun 6, 2020
- 11,559
- 4,422
Every developer must understand this article if developing any kind of network communication app.
Android os recent versions put end apps users privacy at the heart of its platform, the network communication between apps MUST BE secure by default, meaning connection must be to HTTPS not HTTP , because HTTP connection is exposed to any interceptor ,then user data breached and user privacy violated.
So, if your app connects to the server using plain HTTP , app connection will be failed by default.
Android creates xml file managing this matter, the file is network_security_config.xml
This file makes the rules for connection pattern without modifying the app code.
To understand these rules (by very simple explaining) we want to basically understand normal connection between client and server using HTTPS:
- Client requests HTTPS url
- Server sends its SSL/TLS certificate (hashed plain file) to client before sending actual data response.
- Client OS (not app itself) checks if this...
Android os recent versions put end apps users privacy at the heart of its platform, the network communication between apps MUST BE secure by default, meaning connection must be to HTTPS not HTTP , because HTTP connection is exposed to any interceptor ,then user data breached and user privacy violated.
So, if your app connects to the server using plain HTTP , app connection will be failed by default.
Android creates xml file managing this matter, the file is network_security_config.xml
This file makes the rules for connection pattern without modifying the app code.
To understand these rules (by very simple explaining) we want to basically understand normal connection between client and server using HTTPS:
- Client requests HTTPS url
- Server sends its SSL/TLS certificate (hashed plain file) to client before sending actual data response.
- Client OS (not app itself) checks if this...
برای دیدن لینک ها باید ثبت نام کنید
برای دیدن لینک ها باید ثبت نام کنید