Cross Reference: /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java

History log of /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
Revision	Date	Author	Comments (<<< Hide modified files) (Show modified files >>>)
c72875b01e04a12fa25bbc5468cf87f8bf11fcfa	28-Apr-2016	Chad Brubaker <cbrubaker@google.com>	Update trusted certificates when the trust store is changed This CL flushes the trusted cert cache of all active Network Security Configs and their TrustManagers. Previously CA addition mostly worked however removed CAs would remain cached in the X509TrustManager causing the removed CA to still be trusted. Change-Id: I0f5fd39932f8f8ed3ec5dfd088a82e982b366c43 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
9f779ab4affc3bbe401ed6bb433ee78a934162a6	20-Jun-2016	Chad Brubaker <cbrubaker@google.com>	Add getApplicationConfigForPackage getApplicationConfigForPackage will be used by system components that need to make connections for apps, e.g. DownloadManager, so that their secure connections have the same configuration as those from the app itself. Bug: 29505888 Change-Id: Idf1cac6307431911eda34529d3fd50f9ca0da314 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
c845b2a21cedda4dd221fcf01aae74706ecade94	13-May-2016	Chad Brubaker <cbrubaker@google.com>	Use an attribute for the network security config resource Originally we went with the meta-data approach to make unbundling easier, however with the amount of platform changes that the config ended up relying on it would be better to focus on exposing it through the platform. Bug:28763009 Change-Id: Iaf80001b1980220cd2e1e05faf2dc86af41700e1 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
bf9a82a6433701aa2f02761f3a7c425ffef4fa09	25-Mar-2016	Chad Brubaker <cbrubaker@google.com>	Add handleTrustStorageUpdate This pruns all the stored trusted issuers so that changes to the system or user CA store are detected. Currently this is only exposed as a TestApi, but it can be hooked up to the trusted storage change event in a future commit. Bug: 27526668 Change-Id: Ic426254babab9a3177c968bc05b45e95eaac1fdd /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
d321954f72439f041032d63a57c72081a1a69440	25-Jan-2016	Chad Brubaker <cbrubaker@google.com>	Merge "Add getApplicationConfigForPackage" am: 7519dce8c2 am: 8500093a35 * commit '8500093a351c40fdd2077fcd724396f72b51d3ba': Add getApplicationConfigForPackage
056e8b5a5ac041fd3db0a1e02b819baf38ebdc88	23-Jan-2016	Chad Brubaker <cbrubaker@google.com>	Add getApplicationConfigForPackage This allows services which make network connections on behalf of applications to honor the application's network security policy. Change-Id: I562b7bd0eb20f2f8c9f8342c211166d4e3397780 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
25e34339ba3e305c966d147eede3343803371ed2	05-Jan-2016	Chad Brubaker <cbrubaker@google.com>	Unhide hostname aware isCleartextTrafficPermitted Change-Id: Id2bde5889d963ca2820fdecce1628dce022b510b /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
2091ab94568edc20a9a36e8877026d65897d538d	09-Dec-2015	Chad Brubaker <cbrubaker@google.com>	Add hostname aware isCleartextTrafficPermitted Change-Id: I22b9ea277407846f9c333ce0cc37c25a2be1381e /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
6568cf185de1f540e87b827966dc09a268bf77a6	08-Dec-2015	Chad Brubaker <cbrubaker@google.com>	Refactor NetworkSecurityPolicy to be pluggable This allows us to keep the logic for the NetworkSecurityPolicy in the framework instead of in libcore. Change-Id: I4bf494f79c27729cb17d93d90a91319492270ce9 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
fbf4599a8edfc31585f207c434d35200a03657b4	21-Apr-2015	Alex Klyubin <klyubin@google.com>	Document that WebView doesn't honor "uses cleartext traffic" flag. Bug: 19215516 Change-Id: I5dbbaa03f3cae007c0b9b68fcf8cc8f250c16a62 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
e35cefbf23ec2fe55e8be9e4d20fc9adf4374171	15-Apr-2015	Alex Klyubin <klyubin@google.com>	Document usesCleartextTraffic app-level attribute. This updates the documentation of the application element of AndroidManifest.xml to mention the new android:usesCleartextTraffic attribute. This also updates the Javadoc of android.security.NetworkSecurityPolicy and ApplicationInfo to match. Bug: 19215516 Change-Id: I5c221b56addae8988b4db51994d18ae379d0fbe3 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
7cb000ff56babf18d39ab0aa31dfc5dcac0bf11e	26-Mar-2015	Alex Klyubin <klyubin@google.com>	Unhide public API about cleartext traffic policy. Bug: 19215516 Change-Id: I5da81a36c2f3d0edcf715a5f1b14b0a56c7abc6d /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
403a494d5611b4d782981c39b4ed28b2340a32f9	25-Mar-2015	Alex Klyubin <klyubin@google.com>	Framework's NetworkSecurityPolicy delegates to libcore's one. Now that the libcore's NetworkSecurityPolicy abstraction is in place, the framework version of the abstraction should delegate to the libcore one, to avoid them getting out of sync. Bug: 19215516 Change-Id: Ic57341d703a13e0fb100dc414958e8fd54e03816 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
84750f3a69ecfe4238fa1143e7ed6d7bd24fadc3	23-Mar-2015	Alex Klyubin <klyubin@google.com>	Address pending comments for NetworkSecurityPolicy. This is a follow-up to https://android-review.googlesource.com/#/c/131920/, addressing some outstanding comments. This CL also switches the source file to the correct indentation. Bug: 19215516 Change-Id: Ia48455ab351081e11619afcccadb8fa90340391d /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java
f9034cc4ae5a7d0ee67d505f46208384f9babf1c	12-Feb-2015	Alex Klyubin <klyubin@google.com>	Add android.security.NetworkSecurityPolicy. The initial purpose of the NetworkSecurityPolicy class is to provide a way for network libraries to check whether cleartext network traffic (e.g., HTTP, WebSockets, XMPP, IMAP, SMTP) should be blocked from this process. The policy is set declaratively by the app developer in the app's manifest and can be queried from ApplicationInfo.flags. Unfortunately, several network stacks (bundled and unbundled) do not have a reference to ApplicationInfo or Context. Alternatives: * Keep this API hidden (and thus potentially move it from framework to libcore), thus precluding unbundled HTTP stacks from using the API. * Introduce a new java.lang.System property instead of this API. However, such properties are a mess and not as powerful/extensible as a public class. Bug: 19215516 Change-Id: If22056a74d257bf1d805ebb4fc284240b3d338f1 /frameworks/base/core/java/android/security/NetworkSecurityPolicy.java