Disclaimer: this looks incredibly the same as Ionic Native HTTP does not work for Anroid 9 (Pie) and up? but it isn't!
We are facing an incredibly strange and hard problem after updating our app today.
We are mantaining an Ionic v1 app for Android. It uses Cordova-Android 7. Today when we were uploading a new update to the play store we found a restriction forcing us to target SDK starting from 28. We added <preference name="android-targetSdkVersion" value="28" />
to the config.xml
file, re-built the app, tested on some smartphones and uploaded it. After distribution, we found that all network communication is failing on Android 9 devices. We were sure that this would be the popular cleartext error, so we changed all URLs to HTTPS. But the problem persisted. Then we build the app again but with the debuggable attribute on the manifest so we could inspect the app and see the errors, and we discovered that if we switch the debuggable feature on, the error doesn't happen - we are just adding it to the manifest, we are still building with the --release
flag.
So, the final scenario is:
--release flag
and we don't put the debuggable attribute on the manifestSo what the hell may be failing here?
Finally it seemed to be a somewhat kind of cleartext error teorically out of any specification. Our discovery was that adding
<edit-config file="AndroidManifest.xml" mode="merge" target="/manifest/application">
<application android:usesCleartextTraffic="true" />
</edit-config>
to the android platform tag on the config.xml
file solved the problem. So we can assure that on our Ionic 1 + Cordova-Android 7 + Cordova CLI 8 + Ionic CLI 4 + HTTPS + non debuggable production build scenario, HTTPS requests were interpreted as cleartext requests and thus blocked until we statedly allowed them.