0

在 Android 10 设备上,我在我的 http 服务器上的 web 视图中收到 ERR_CLEARTEXT_NOT_PERMITTED 错误,但仅在某些页面上,即使我使用 network_security_config 来允许域。我只能通过使用打开所有域来解决该错误。我该如何解决这个问题,以便只允许我的域,并且不会收到错误,但不使用?

日志猫:

07:54:09.004 com.myserver.myapp D/myapp: Webview.onPageStarted called on http://myserver.com/myapp/index.php?view=discrete
07:54:09.232 com.myserver.myapp I/myapp: onPageFinished called.
07:54:15.938 com.myserver.myapp D/myapp: Webview.onPageStarted called on http://myserver.com/myapp/index.php?view=about
07:54:15.958 com.myserver.myapp I/myapp: onReceivedError called.
07:54:15.958 com.myserver.myapp I/myapp: Web Load Error:net::ERR_CLEARTEXT_NOT_PERMITTED
07:54:16.012 com.myserver.myapp I/myapp: onPageFinished called.

网络安全配置 xml:

<network-security-config>
<domain-config cleartextTrafficPermitted="true">
    <domain includeSubdomains="true">localhost</domain>
    <domain includeSubdomains="true">myserver.com</domain>
</domain-config>
    <!-- Want to delete this for better security--> 
    <base-config cleartextTrafficPermitted="true"/>
</network-security-config>
4

1 回答 1

0

根本原因是提供第三方广告内容 (Google Ads) 的 javascript 没有使用 https。

向 onReceivedError 添加了代码以记录导致问题的 URL...

public void onReceivedError(WebView view, WebResourceRequest request, WebResourceError error) {
            super.onReceivedError(view, request, error);
            Log.i(TAG, "onReceivedError called for URL "+ request.getUrl().toString());
}
于 2020-10-11T19:00:39.920 回答