Merge branch 'venilnoronha-issue-2513-fix'

* venilnoronha-issue-2513-fix: Fixes #2513 - NetworkSecurityPolicy based ConnectionSpec setup.
2026-01-15 20:56:41 +03:00 · 2016-04-26 23:42:09 -04:00
parent 209c6c5589 e3cd9b9f1c
commit 48ff30b428
2 changed files with 35 additions and 2 deletions
--- a/okhttp/src/main/java/okhttp3/OkHttpClient.java
+++ b/okhttp/src/main/java/okhttp3/OkHttpClient.java
@@ -65,10 +65,16 @@ public class OkHttpClient implements Cloneable, Call.Factory {
  private static final List<Protocol> DEFAULT_PROTOCOLS = Util.immutableList(
      Protocol.HTTP_2, Protocol.SPDY_3, Protocol.HTTP_1_1);

-  private static final List<ConnectionSpec> DEFAULT_CONNECTION_SPECS = Util.immutableList(
-      ConnectionSpec.MODERN_TLS, ConnectionSpec.COMPATIBLE_TLS, ConnectionSpec.CLEARTEXT);
+  private static final List<ConnectionSpec> DEFAULT_CONNECTION_SPECS;

  static {
+    List<ConnectionSpec> connSpecs = new ArrayList<>(Arrays.asList(ConnectionSpec.MODERN_TLS,
+        ConnectionSpec.COMPATIBLE_TLS));
+    if (Platform.get().isCleartextTrafficPermitted()) {
+      connSpecs.add(ConnectionSpec.CLEARTEXT);
+    }
+    DEFAULT_CONNECTION_SPECS = Util.immutableList(connSpecs);
+
    Internal.instance = new Internal() {
      @Override public void addLenient(Headers.Builder builder, String line) {
        builder.addLenient(line);
--- a/okhttp/src/main/java/okhttp3/internal/Platform.java
+++ b/okhttp/src/main/java/okhttp3/internal/Platform.java
@@ -67,6 +67,10 @@ import static okhttp3.internal.Internal.logger;
 *
 * <p>Supported on Android 2.3+ and OpenJDK 7+. There are no public APIs to recover the trust
 * manager that was used to create an {@link SSLSocketFactory}.
+ *
+ * <h3>Android Cleartext Permit Detection</h3>
+ *
+ * <p>Supported on Android 6.0+ via {@code NetworkSecurityPolicy}.
 */
 public class Platform {
  private static final Platform PLATFORM = findPlatform();
@@ -128,6 +132,10 @@ public class Platform {
    System.out.println(message);
  }

+  public boolean isCleartextTrafficPermitted() {
+    return true;
+  }
+
  public static List<String> alpnProtocolNames(List<Protocol> protocols) {
    List<String> names = new ArrayList<>(protocols.size());
    for (int i = 0, size = protocols.size(); i < size; i++) {
@@ -298,6 +306,25 @@ public class Platform {
        } while (i < newline);
      }
    }
+
+    @Override public boolean isCleartextTrafficPermitted() {
+      try {
+        Class<?> networkPolicyClass = Class.forName("android.security.NetworkSecurityPolicy");
+        Method getInstanceMethod = networkPolicyClass.getMethod("getInstance");
+        Object networkSecurityPolicy = getInstanceMethod.invoke(null);
+        Method isCleartextTrafficPermittedMethod = networkPolicyClass
+            .getMethod("isCleartextTrafficPermitted");
+        boolean cleartextPermitted = (boolean) isCleartextTrafficPermittedMethod
+            .invoke(networkSecurityPolicy);
+        return cleartextPermitted;
+      } catch (ClassNotFoundException e) {
+        return super.isCleartextTrafficPermitted();
+      } catch (NoSuchMethodException | IllegalAccessException | IllegalArgumentException
+          | InvocationTargetException e) {
+        throw new AssertionError();
+      }
+    }
+
  }

  /**