nabla-c0d3
commented
7 years ago Hi, You can find more information in the Getting Started guide: https://github.com/datatheorem/TrustKit-Android/blob/master/docs/getting-started.md#always-start-with-pinning-enforcement-disabled . When enforcement is disabled, connections that fail pinning validation do not get blocked (so the App works as usual) but reports are still being sent so you can have an idea of how many users would be getting errors, if enforcemenet was to be enabled.
I looked at source code and the only thing I could not find anywhere that it is skipping pinning check when it is "false". And the only reference I could find is in PinningFailureReport