CopyPastor

Add below line in manifest file.
**android:usesCleartextTraffic="true"**
AndroidManifest.xml -

<?xml version="1.0" encoding="utf-8"?> <manifest ...> <uses-permission android:name="android.permission.INTERNET" /> <application ... android:usesCleartextTraffic="true" ...> ... </application> </manifest>
For more info [android:usesCleartextTraffic Doc][1]

[1]: https://developer.android.com/guide/topics/manifest/application-element#usesCleartextTraffic

According to [Network security configuration][1] -
> Starting with Android 9 (API level 28), cleartext support is disabled > by default.
Also have a look at [Android M and the war on cleartext traffic][2]
[Codelabs explanation][3] from Google
**Option 1 -**
First try hitting the URL with "https://" instead of "http://"
**Option 2 -**
Create file res/xml/network_security_config.xml -
<?xml version="1.0" encoding="utf-8"?> <network-security-config> <domain-config cleartextTrafficPermitted="true"> <domain includeSubdomains="true">api.example.com(to be adjusted)</domain> </domain-config> </network-security-config>
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?> <manifest ...> <uses-permission android:name="android.permission.INTERNET" /> <application ... android:networkSecurityConfig="@xml/network_security_config" ...> ... </application> </manifest>
**Option 3 -**
[android:usesCleartextTraffic Doc][4]
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?> <manifest ...> <uses-permission android:name="android.permission.INTERNET" /> <application ... android:usesCleartextTraffic="true" ...> ... </application> </manifest>
Also as [@david.s' answer][5] pointed out `android:targetSandboxVersion` can be a problem too -
According to [Manifest Docs][6] -
> `android:targetSandboxVersion` > > The target sandbox for this app to use. The higher the sandbox version > number, the higher the level of security. Its default value is 1; you > can also set it to 2. Setting this attribute to 2 switches the app to > a different SELinux sandbox. The following restrictions apply to a > level 2 sandbox: > > - The default value of `usesCleartextTraffic` in the Network Security Config is false. > - Uid sharing is not permitted.
**So Option 4 -**
If you have `android:targetSandboxVersion` in `<manifest>` then reduce it to `1`
AndroidManifest.xml -
<?xml version="1.0" encoding="utf-8"?> <manifest android:targetSandboxVersion="1"> <uses-permission android:name="android.permission.INTERNET" /> ... </manifest>

[1]: https://developer.android.com/training/articles/security-config#CleartextTrafficPermitted [2]: https://koz.io/android-m-and-the-war-on-cleartext-traffic/ [3]: https://developer.android.com/codelabs/android-network-security-config [4]: https://developer.android.com/guide/topics/manifest/application-element#usesCleartextTraffic [5]: https://stackoverflow.com/a/45955297/7599300 [6]: https://developer.android.com/guide/topics/manifest/manifest-element#targetSandboxVersion

CopyPastor

Possible Plagiarism

Original Post