Idea: Block requests to non-Wikimedia domains

According to Gemini, this blocks all network requests to non-Wikimedia servers:

res/xml/network_security_config.xml :
```
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config>
        <domain includeSubdomains="true">wikimedia.org</domain>
        <trust-anchors>
            <certificates src="system" />
        </trust-anchors>
    </domain-config>
    <base-config cleartextTrafficPermitted="false">
        <trust-anchors>
        </trust-anchors>
    </base-config>
</network-security-config>
```

AndroidManifest.xml :
```
<application
    ...
    android:networkSecurityConfig="@xml/network_security_config"
    ...>
    ...
</application>
```

It could be useful as some libraries might be tempted to send telemetry, which I believe would be against Wikimedia's privacy policy. These libraries might crash when trying so we will have to test a lot.

We would have to also add Wikidata.org and possibly a few others.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Idea: Block requests to non-Wikimedia domains #6550

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Idea: Block requests to non-Wikimedia domains #6550

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions