mirrors/oeffi
1
0
Fork 0
mirror of https://gitlab.com/oeffi/oeffi.git synced 2025-07-07 16:18:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

network_security_config.xml: Convert to a whitelist of domains that still cannot use HTTPS.

Browse source
This commit is contained in:
Andreas Schildbach 2019-10-28 10:17:10 +01:00
parent 46af1ac343
commit 6222597ef0
1 changed files with 16 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

17
oeffi/res/xml/network_security_config.xml
View file

@ -1,10 +1,25 @@
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config cleartextTrafficPermitted="true" >
<!-- Most public transport authorities have their servers configured securely these days. -->
<base-config cleartextTrafficPermitted="false">
<trust-anchors>
<certificates src="system" />
</trust-anchors>
</base-config>
<!-- This is the hall of shame: public transport authorities which still do not support HTTPS. -->
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="false">www.belgianrail.be</domain><!-- SNCB/NMBS -->
<domain includeSubdomains="false">android.vrsinfo.de</domain><!-- VRS -->
<domain includeSubdomains="false">wojhati.rta.ae</domain><!-- RTA Dubai -->
<domain includeSubdomains="false">appefa10.verbundlinie.at</domain><!-- STV -->
<domain includeSubdomains="false">railteam.hafas.eu</domain><!-- Railteam -->
<domain includeSubdomains="false">mobil.vbl.ch</domain><!-- VBL -->
<domain includeSubdomains="false">efa.vvo-online.de</domain><!-- VVO -->
<domain includeSubdomains="false">mobil.rozklad-pkp.pl</domain><!-- PKP -->
<domain includeSubdomains="false">efa.mobilitaetsverbund.de</domain><!-- VVM -->
<domain includeSubdomains="false">fahrplan.sbb.ch</domain><!-- SBB -->
</domain-config>
</network-security-config>