Describe the bug
From React Native version 0.58 onwards, with Android API version 28, no clear text traffic is allowed by default. But currently the React Native packager and debugger connects to the device or emulator via HTTP taking either localhost or 10.0.0.2. These values are hardcoded in RN's codebase.
We tried to make an exception to them by putting below config block in the network_security_config.xml file which is further referenced in the AndroidManifest.xml file.
But this config is not acknowledge by the TrustKit module with below exception, hence causing the app to crash upon launch.
03-02 16:18:56.826 19455 19455 E AndroidRuntime: java.lang.RuntimeException: Unable to create application ***.***.MainApplication: com.datatheorem.android.trustkit.config.ConfigurationException: Tried to pin an invalid domain: 10.0.3.2
...
03-02 16:18:56.826 19455 19455 E AndroidRuntime: Caused by: com.datatheorem.android.trustkit.config.ConfigurationException: Tried to pin an invalid domain: 10.0.3.2
03-02 16:18:56.826 19455 19455 E AndroidRuntime: at com.datatheorem.android.trustkit.config.DomainPinningPolicy.<init>(DomainPinningPolicy.java:48)
This problem is very similar to #25 for which only localhost was exempted.
To Reproduce
Put above XML config block for clear text traffic in an RN (version >= 0.58) app with TrustKit module installed, run react-native run-android to install and launch it in an Android emulator. The app will crash upon launch and the above exception messages can be read via logcat.
Expected behavior
Certain local IP addresses like 10.0.2.2 used by the RN packager and debugger should be considered as valid domain.
Describe the bug From React Native version 0.58 onwards, with Android API version 28, no clear text traffic is allowed by default. But currently the React Native packager and debugger connects to the device or emulator via HTTP taking either
localhost
or10.0.0.2
. These values are hardcoded in RN's codebase.We tried to make an exception to them by putting below config block in the
network_security_config.xml
file which is further referenced in theAndroidManifest.xml
file.This SO entry explains this approach in detail.
But this config is not acknowledge by the TrustKit module with below exception, hence causing the app to crash upon launch.
This problem is very similar to #25 for which only
localhost
was exempted.To Reproduce Put above XML config block for clear text traffic in an RN (version >= 0.58) app with TrustKit module installed, run
react-native run-android
to install and launch it in an Android emulator. The app will crash upon launch and the above exception messages can be read vialogcat
.Expected behavior Certain local IP addresses like 10.0.2.2 used by the RN packager and debugger should be considered as valid domain.
TrustKit configuration
App details: