源码分析 Android 9.0 http请求适配原理
在上述文章中有一段源码:
// the legacy FLAG_USES_CLEARTEXT_TRAFFIC is not supported for Ephemeral apps, they
// should use the network security config.
boolean usesCleartextTraffic =
(mApplicationInfo.flags & ApplicationInfo.FLAG_USES_CLEARTEXT_TRAFFIC) != 0
&& mApplicationInfo.targetSandboxVersion < 2;
source = new DefaultConfigSource(usesCleartextTraffic, mApplicationInfo);
这段代码的意思是api>27, usesCleartextTraffic为false
关于ApplicationInfo.FLAG_USES_CLEARTEXT_TRAFFIC
/**
* Value for {@link #flags}: {@code true} if the application may use cleartext network traffic
* (e.g., HTTP rather than HTTPS; WebSockets rather than WebSockets Secure; XMPP, IMAP, STMP
* without STARTTLS or TLS). If {@code false}, the app declares that it does not intend to use
* cleartext network traffic, in which case platform components (e.g., HTTP stacks,
* {@code DownloadManager}, {@code MediaPlayer}) will refuse app's requests to use cleartext
* traffic. Third-party libraries are encouraged to honor this flag as well.
*
* <p>NOTE: {@code WebView} honors this flag for applications targeting API level 26 and up.
*
* <p>This flag is ignored on Android N and above if an Android Network Security Config is
* present.
*
* <p>This flag comes from
* {@link android.R.styleable#AndroidManifestApplication_usesCleartextTraffic
* android:usesCleartextTraffic} of the <application> tag.
*
* 如果应用可以使用明文则 {@link #flags}: {@code true},如果应用并不可以使用明文请
* 求则{@code false},在此情况下,系统组件会拒绝执行明文请求,三方库也被鼓励去遵循
* 这个原则。在Android N及以上如果应用做了网络安全配置,则忽略这个标记。
*/
public static final int FLAG_USES_CLEARTEXT_TRAFFIC = 1<<27;
关于android:targetSandboxVersion
The target sandbox for this app to use. The higher the sandbox version number, the higher the level of security. Its default value is 1; you can also set it to 2. Setting this attribute to 2 switches the app to a different SELinux sandbox.
app使用的目标沙箱版本。越高的版本号意味着越高的安全等级。默认级别1;你可以设置为2.设置这个属性为2则会切换app到一个不同的SELinux 沙箱。
The following restrictions apply to a level 2 sandbox:
- The default value of
usesCleartextTrafficin the Network Security Config is false. - Uid sharing is not permitted.
关于级别2沙箱的限制:
- 在网络安全配置中默认
usesCleartextTraffic为false; - 不允许Uid sharing
For Android Instant Apps targeting Android 8.0 (API level 26) or higher, this attribute must be set to 2. You can set the sandbox level in the installed version of your app to the less restrictive level 1, but if you do so, your app does not persist app data from the instant app to the installed version of your app. You must set the installed app's sandbox value to 2 in order for the data to persist from the instant app to the installed version.
对于目标版本为Android 8.0或者更高的Instant App,这个属性必须设置为2。你把已经安装app版本沙箱版本设置为1,但是如果你这么做,你的app将不能从instant app持久化app数据到已安装版本,那么你就必须设置app沙箱版本为2。
Once an app is installed, you can only update its target sandbox value to a higher value. To downgrade the target sandbox value, you must uninstall the app and replace it with a version whose manifest contains a lower value for this attribute.
一旦app已经安装,你只能将目标沙箱版本升级到更高值。想要降级版本号就必须卸载重新安装。
网友评论