How to Force Xamarin to Use HTTP Over HTTPS
— Xamarin, CSharp, Android, Mobile Development — 1 min read
In the latest version of Android, you can not use the HTTP protocol to connect to a web service and, you are bound to use HTTPS.
So, if you try to send a request to your API or want to get data from your cloud-hosted services and use HTTP you'll get the
Java.IO.IOException exception with a message Cleartext HTTP traffic to <API ENDPOINT> not permitted.
But, there is always (at least most of the time) a second option to override some rules. This context is not out of it. Within a few simple steps, you can override the rule, even though you should always use HTTPS instead of HTTP. But you know, the situation is not always the same so, we have to be prepared for everything while we can.
Note: I don't know exactly from which version they expect us to use
HTTPSoverHTTP, so I have used the generic term "latest".
Let's get started.
Step 1: Create security configuration
First, In your Xamarin.Android project, create a folder named XML under the Resources folder. Then, create a XML file named network_security_config.xml inside the XML folder. Now paste the following configuration inside the newly created file.
1<?xml version="1.0" encoding="utf-8"?>2<network-security-config>3 <base-config cleartextTrafficPermitted="true" />4 <domain-config cleartextTrafficPermitted="true">5 <domain includeSubdomains="true"><YOUR_API_ENDPOINT></domain>6 <domain includeSubdomains="true"><YOUR_API_ENDPOINT></domain>7 ...8 </domain-config>9</network-security-config>Make sure that the build target is set to AndroidResource
Step 2: Register the configuration
Now open the AndroidManifest.xml and within the <application></application> tag, register the configuration like below -
1<application android:networkSecurityConfig="@xml/network_security_config">2 ...And voila! Now you can use the HTTP protocol without any error.