mirror of
https://github.com/avinal/nikki.git
synced 2026-07-03 21:40:09 +05:30
Allow cleartext HTTP for self-hosted servers
Memos instances may run on local networks, Tailscale (100.x), or other private infrastructure without TLS. The app defaults to HTTPS in the login flow; HTTP requires explicit user input. Android's domain-config doesn't support IP/CIDR matching, so cleartext is permitted globally with documentation. Signed-off-by: Avinal Kumar <avinal.xlvii@gmail.com> Co-Authored-By: Claude Opus 4.6 (1M context)
This commit is contained in:
@@ -1,4 +1,10 @@
|
|||||||
<?xml version="1.0" encoding="utf-8"?>
|
<?xml version="1.0" encoding="utf-8"?>
|
||||||
<network-security-config>
|
<network-security-config>
|
||||||
<base-config cleartextTrafficPermitted="false" />
|
<!--
|
||||||
|
Cleartext (HTTP) is permitted because users connect to self-hosted
|
||||||
|
Memos instances that may run on local networks, Tailscale (100.x),
|
||||||
|
or other private infrastructure without TLS. The app defaults to
|
||||||
|
HTTPS in the login flow; HTTP requires explicit user input.
|
||||||
|
-->
|
||||||
|
<base-config cleartextTrafficPermitted="true" />
|
||||||
</network-security-config>
|
</network-security-config>
|
||||||
|
|||||||
Reference in New Issue
Block a user