From 33337bd77292c7dec2cf4365bf14a7b51f9dc3fe Mon Sep 17 00:00:00 2001 From: Toby Murray Date: Fri, 30 Apr 2021 00:47:57 -0400 Subject: [PATCH] Allow cleartext to some LAN domains This functionality exists in the desktop client, so hoping to mirror that as much as Android allows This addresses a number of the use cases touched on in #1793. Enabling clear text to various official and standard LAN-only domains means it's easier to develop the Android application, as a Matrix server can be deployed locally without much fuss anywhere on the developer's LAN. This can reduce the reliance on a DNS or SSL certificates when neither are really relevant to the functionality of the client/server. In particular, managing SSL certs without a public domain is a pain in the butt. At the same time, this does not significantly diminish the security of Element Android, as at the current time these domains are either explicitly not valid TLDs or conventionally not TLDs (so would be an unexpected change if they were to become so). In the event e.g. `.home` becomes a TLD, it would be appropriate to remove it from this list. --- CHANGES.md | 1 + vector/src/main/res/xml/network_security_config.xml | 10 ++++++++++ 2 files changed, 11 insertions(+) diff --git a/CHANGES.md b/CHANGES.md index 74b008bfc4..112c0c0d61 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -38,6 +38,7 @@ git branch -u origin/main main # And optionally git remote prune origin ``` + - Allow cleartext (non-SSL) connections to Matrix servers on LAN hosts (#3166) Changes in Element 1.1.6 (2021-04-16) =================================================== diff --git a/vector/src/main/res/xml/network_security_config.xml b/vector/src/main/res/xml/network_security_config.xml index 4bf79f16ba..b9f3d03986 100644 --- a/vector/src/main/res/xml/network_security_config.xml +++ b/vector/src/main/res/xml/network_security_config.xml @@ -13,6 +13,16 @@ 10.0.2.2 onion + + + + home.arpa + local + test + + home + lan + localdomain