Skip to content

fix: allow cleartext traffic#2009

Merged
RohitKushvaha01 merged 6 commits intoAcode-Foundation:mainfrom
RohitKushvaha01:fix_http
Apr 7, 2026
Merged

fix: allow cleartext traffic#2009
RohitKushvaha01 merged 6 commits intoAcode-Foundation:mainfrom
RohitKushvaha01:fix_http

Conversation

@RohitKushvaha01
Copy link
Copy Markdown
Member

@RohitKushvaha01 RohitKushvaha01 commented Apr 3, 2026

No description provided.

@RohitKushvaha01 RohitKushvaha01 self-assigned this Apr 3, 2026
@RohitKushvaha01 RohitKushvaha01 added the CI: RUN ON-DEMAND PREVIEW RELEASES Triggers an on-demand preview build for this pull request via CI workflow. label Apr 3, 2026
@github-actions github-actions bot removed the CI: RUN ON-DEMAND PREVIEW RELEASES Triggers an on-demand preview build for this pull request via CI workflow. label Apr 3, 2026
@github-actions

This comment has been minimized.

Sign in to view
@greptile-apps
Copy link
Copy Markdown
Contributor

greptile-apps bot commented Apr 3, 2026
edited
Loading

Greptile Summary

This PR fixes cleartext HTTP traffic support by adding android:usesCleartextTraffic=\"true\" to both edit-config blocks in config.xml and removing an invalid <domain-config> block from network_security_config.xml that used * as a domain value (wildcards are not supported by Android's NSC, so that block was silently ignored). The <base-config cleartextTrafficPermitted=\"true\"> already present in the NSC file already permits cleartext traffic globally, making the new manifest attribute technically redundant — but the approach is correct and functional.

Confidence Score: 5/5

Safe to merge — the change correctly fixes cleartext traffic and removes a non-functional wildcard domain entry.

All new findings are P2 (redundant attribute). All previously raised concerns (global cleartext scope, multiple application elements) were already discussed in prior threads. The wildcard domain that was removed was never a valid Android NSC pattern, so the functional impact of removing it is zero. The net result is a working cleartext config.

No files require special attention.

Important Files Changed

Filename Overview
config.xml Adds android:usesCleartextTraffic="true" to the existing edit-config block and duplicates all application attributes in a second edit-config block targeting app/src/main/AndroidManifest.xml to ensure Cordova applies the settings in both manifest locations.
res/android/xml/network_security_config.xml Removes the invalid wildcard domain-config block (Android NSC does not support * as a domain value); the existing base-config with cleartextTrafficPermitted="true" already handles cleartext globally.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[HTTP Request] --> B{android:networkSecurityConfig set?}
    B -- Yes --> C[Evaluate network_security_config.xml]
    B -- No --> D[Use android:usesCleartextTraffic attribute]
    C --> E{domain-config match?}
    E -- Yes --> F[Use domain-config cleartextTrafficPermitted]
    E -- No --> G[Use base-config]
    G --> H[cleartextTrafficPermitted=true]
    H --> I[✅ Cleartext Allowed]
    F --> I
    D --> J[usesCleartextTraffic=true]
    J --> I
    style I fill:#90EE90
    style H fill:#90EE90
    style J fill:#lightgray,stroke:#aaa
Loading

Reviews (6): Last reviewed commit: "fix: cordova issue" | Re-trigger Greptile

greptile-apps[bot]
greptile-apps bot reviewed Apr 3, 2026
View reviewed changes
@RohitKushvaha01 RohitKushvaha01 marked this pull request as draft April 3, 2026 03:19
@github-actions

This comment has been minimized.

Sign in to view
@RohitKushvaha01
Copy link
Copy Markdown
Member Author

RohitKushvaha01 commented Apr 3, 2026

@greptileai

@RohitKushvaha01 RohitKushvaha01 marked this pull request as ready for review April 3, 2026 03:28
@RohitKushvaha01

This comment was marked as outdated.

Sign in to view
@RohitKushvaha01 RohitKushvaha01 added the CI: RUN ON-DEMAND PREVIEW RELEASES Triggers an on-demand preview build for this pull request via CI workflow. label Apr 3, 2026
@github-actions github-actions bot removed the CI: RUN ON-DEMAND PREVIEW RELEASES Triggers an on-demand preview build for this pull request via CI workflow. label Apr 3, 2026
@github-actions

This comment has been minimized.

Sign in to view
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 3, 2026

Preview Release for this, has been built.

Click here to view that github actions build

bajrangCoder
bajrangCoder requested changes Apr 3, 2026
View reviewed changes
@RohitKushvaha01 RohitKushvaha01 deleted the fix_http branch April 7, 2026 05:13
@RohitKushvaha01
Copy link
Copy Markdown
Member Author

RohitKushvaha01 commented Apr 7, 2026

@greptileai

@RohitKushvaha01 RohitKushvaha01 merged commit 50a125b into Acode-Foundation:main Apr 7, 2026
18 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bajrangCoder bajrangCoder bajrangCoder requested changes

@UnschooledGamer UnschooledGamer Awaiting requested review from UnschooledGamer

+1 more reviewer

@greptile-apps greptile-apps[bot] greptile-apps[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@RohitKushvaha01 RohitKushvaha01

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@RohitKushvaha01 @bajrangCoder