TechQA.

Android app is debuggable on Charles when not supposed to be (Nougat vs Marshmallow)

246 views Asked by At

I want to create two versions of my app:

  1. Debuggable by Charles
  2. Not debuggable by Charles (to prevent external users from tracing the traffic)

I already know that Nougat behaves differently, and in order to be make Nougat behave like Marshmallow and below I have to add the following xml (which is essentially the default behaviour for Marshmallow and below) - 

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
  <base-config>
      <trust-anchors>
         <certificates src="system" />
         <certificates src="user" />
      </trust-anchors>
   </base-config>
</network-security-config>

and then I have to add the following to the "application" tag in the manifest -

android:networkSecurityConfig="@xml/network_security_config"

My problem begins here: I'm creating two flavors in my app. One with the above xml (which works fine on both versions), and one with the same xml, only <certificates src="user" /> is removed, which is supposed to not be debuggable in Charles, on both versions.

I cannot debug it on Nougat, but for some reason, it is debuggable by Charles on Marshmallow. Why is that? And how can I fix it?

android proxy android-6.0-marshmallow charles-proxy android-7.0-nougat
Original Q&A
0

There are 0 answers

Related Questions in ANDROID

Related Questions in PROXY

Related Questions in ANDROID-6.0-MARSHMALLOW

Related Questions in CHARLES-PROXY

Related Questions in ANDROID-7.0-NOUGAT

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions