Allow cleartext to some LAN domains

This functionality exists in the desktop client, so hoping to mirror that as much as Android allows

This addresses a number of the use cases touched on in #1793. Enabling clear text to various official and standard LAN-only domains means it's easier to develop the Android application, as a Matrix server can be deployed locally without much fuss anywhere on the developer's LAN. This can reduce the reliance on a DNS or SSL certificates when neither are really relevant to the functionality of the client/server. In particular, managing SSL certs without a public domain is a pain in the butt.

At the same time, this does not significantly diminish the security of Element Android, as at the current time these domains are either explicitly not valid TLDs or conventionally not TLDs (so would be an unexpected change if they were to become so). In the event e.g. `.home` becomes a TLD, it would be appropriate to remove it from this list.
This commit is contained in:
Toby Murray 2021-04-30 00:47:57 -04:00
parent 38e83e1f35
commit 33337bd772
2 changed files with 11 additions and 0 deletions

View File

@ -38,6 +38,7 @@ git branch -u origin/main main
# And optionally
git remote prune origin
```
- Allow cleartext (non-SSL) connections to Matrix servers on LAN hosts (#3166)
Changes in Element 1.1.6 (2021-04-16)
===================================================

View File

@ -13,6 +13,16 @@
<domain includeSubdomains="true">10.0.2.2</domain>
<!-- Onion services -->
<domain includeSubdomains="true">onion</domain>
<!-- Domains that are used for LANs -->
<!-- These are IANA recognized special use domain names, see https://www.iana.org/assignments/special-use-domain-names/special-use-domain-names.xhtml -->
<domain includeSubdomains="true">home.arpa</domain>
<domain includeSubdomains="true">local</domain> <!-- Note this has been reserved for use with mDNS -->
<domain includeSubdomains="true">test</domain>
<!-- These are observed in the wild either by convention or RFCs that have not been accepted, and are not currently TLDs -->
<domain includeSubdomains="true">home</domain>
<domain includeSubdomains="true">lan</domain>
<domain includeSubdomains="true">localdomain</domain>
</domain-config>
<debug-overrides>