[PM-24697] Allow cleartext traffic on OCSP and CRL servers (#5761)

aj-rosado 2025-08-20 21:10:03 +01:00 committed by GitHub
parent bc0a18f250
commit 717d5665e0
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -12,6 +12,18 @@
</trust-anchors>
</base-config>
<!-- A lot of TLS certificates point to http:// URLs for CRL and OCSP checking,
so we need to allow cleartext traffic on them -->
<domain-config cleartextTrafficPermitted="true">
<!-- CRL Distribution Servers -->
<domain includeSubdomains="true">c.lencr.org</domain>
<domain includeSubdomains="true">c.pki.goog</domain>
<!-- OCSP Responder Servers -->
<domain includeSubdomains="true">o.pki.goog</domain>
<domain includeSubdomains="true">ocsp.sectigo.com</domain>
</domain-config>
<domain-config cleartextTrafficPermitted="false">
<domain includeSubdomains="true">bitwarden.com</domain>
<domain includeSubdomains="true">bitwarden.eu</domain>
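Review bot: All four entries in the new `cleartextTrafficPermitted="true"` block set `includeSubdomains="true"`, so the HTTP exception covers every host under `c.lencr.org`, `c.pki.goog`, `o.pki.goog` and `ocsp.sectigo.com`, not only the endpoints that certificates reference. Where a CA serves revocation data from the exact host only, `includeSubdomains="false"` would keep the exception narrower; check this against the CRL and OCSP URLs in real certificates before tightening. The comment above the block should also say why cleartext is tolerable here, for example `<!-- CRLs and OCSP responses are signed by the CA, so their integrity does not depend on TLS; the lookup itself is still visible on the network -->`. The list is a fixed set of responders, so certificates from other issuers would presumably still have their HTTP revocation lookups blocked. The enclosing config element starts and ends outside this hunk.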