Jump to content

[TOPIC: topicViewTemplate]
[GLOBAL: userSmallPhoto]
Photo

Cleartext traffic allowed warning on Google play pre launch report
Started by mysticeti Mar 16 2019 11:57 PM

6 replies to this topic
[TOPIC CONTROLS]
[/TOPIC CONTROLS]
[modOptionsDropdown]
[/modOptionsDropdown]
[reputationFilter]
[TOPIC: post.html]
#1

mysticeti

[GLOBAL: userInfoPane.html]
mysticeti
  • Contributor

  • 121 posts
  • Corona SDK

To the corona team.

 

Hi

 

I have used 2019.3470 build. I get the following warning in the pre-launch report:

 

Cleartext traffic allowed for all domains
 

Your app's Network Security Configuration allows cleartext traffic for all domains. This could allow eavesdroppers to intercept data sent by your app. If that data is sensitive or user-identifiable it could impact the privacy of your users.

Consider only permitting encrypted traffic by setting the  cleartextTrafficPermitted flag to false, or adding an encrypted policy for specific domains.  Learn more

 



[TOPIC: post.html]
#2

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 25,541 posts
  • Enterprise

In daily build 3455, we set cleartextTraficPermitted was set to default to true. I'm not sure the reason for this, other than to remove warnings for people trying to use http://

 

I'll see if I can get a clarification from Engineering and see if there is a way to control the value.

 

Rob


  • mysticeti likes this

[TOPIC: post.html]
#3

vlads

[GLOBAL: userInfoPane.html]
vlads
  • Contributor

  • 654 posts
  • Corona Staff

Hello! Some ad network integrations require cleartext traffic, not user data is transmitted over it, just some art assets, as far as I understand.

 

This Google warning should not affect your app performance or ranking on Play Store. It may be a good idea to make this entry optional.


  • mysticeti likes this

[TOPIC: post.html]
#4

troylyndon

[GLOBAL: userInfoPane.html]
troylyndon
  • Contributor

  • 576 posts
  • Corona SDK

I'm using build 3476 and still getting this warning. Can nothing be done about it?



[TOPIC: post.html]
#5

Rob Miracle

[GLOBAL: userInfoPane.html]
Rob Miracle
  • Moderator

  • 25,541 posts
  • Enterprise

Troy you will have to provide us more information on what you're doing. Are you connecting to websites? Are you using http: or https:? Are you using ad networks?

 

It's just a warning and if any network activity you're doing is over https: and the ad networks are using http: this really becomes a harmless warning.

 

Rob



[TOPIC: post.html]
#6

troylyndon

[GLOBAL: userInfoPane.html]
troylyndon
  • Contributor

  • 576 posts
  • Corona SDK

I’m using https to connect w my server. No ads.

[TOPIC: post.html]
#7

vlads

[GLOBAL: userInfoPane.html]
vlads
  • Contributor

  • 654 posts
  • Corona Staff

Sorry. Please, ignore this warning for now. We're working on making this kind of thing optional. This warning should not affect Google play ranking or be visible to users.




[topic_controls]
[/topic_controls]