Able to intercept network traffic on emulators
Opened this issue · 5 comments
Hi,
I am using version 1.1.1 of appmattus/certificateTransparency in my android app. In the onCreate of my application class, I add this interceptor as follows:
private void addCertificateTransparency() {
OkHttpClientProvider.setOkHttpClientFactory(new CertificateTransparencyInterceptorFactory());
}
class CertificateTransparencyInterceptorFactory : OkHttpClientFactory {
override fun createNewNetworkModuleClient(): OkHttpClient {
val interceptor = certificateTransparencyInterceptor {
+"abc.com"
+"api.xyz.com"
}
return OkHttpClientProvider.createClientBuilder()
.addNetworkInterceptor(interceptor)
.build()
}
}
On the release apks, when I use a network interceptor tool (like HttpToolkit/Charles), I find that the network calls are intercepted on emulators. But they are not intercepted on real devices. This interception on emulators also should not happen with Certificate transparency, right?
More info:
I have also added a network security.xml file for the release variant, that adds trust anchors as follows:
<trust-anchors>
<certificates src="system" />
</trust-anchors>
Am I doing anything wrong here or is any part of setup incomplete? Why am I able to intercept network calls on my emulator? And how do I fix this? Please help here.
@mattmook -
I am not able to intercept network traffic on emulators that have Google Play store installed
But i am able to intercept network traffic on emulators that dont have Google play store
Pls help here.
Using tools like Charles, Http Toolkit, burpsuite etc