HTTP Fetch fails with "TypeError: Network request failed" => Resolved

[raffaeler]

Description

There are 83 issues opened and unanswered about network requests failing with this generic error.
The main causes of the pain are:

1. Not getting an answer from the team
2. The exception is far too generic and does not suggest the origin of the problem

Problem description

Using fetch to get/post on a HTTPS web server which is using a valid and trusted but not public CA.

• Using Chrome and other apps the requests are always successful and without certificate problems

Sample code in react native:

static async Post(): Promise<string> {
    let srv = "my.domain.com";
    let port = 5101;
    let device = "abcd";
    let url = `https://${srv}:${port}/Do/Something?devicename=${device}`;

    try {
        let response = await fetch(url, {
            method: 'POST',
            headers: {
                'Accept': 'application/json',
                'Content-type':'application/json'
            },
            body: JSON.stringify({
                key: 'value',
            })
        });

        if(response.status !== 200) throw new Error(`Can't open  ${srv} for ${device} with status ${response.status}`);
        return response.json();
    }
    catch(e) {
        console.log(e);
        throw(e);
    }
}

Solution

Due to Android restrictions, a network_security_config configuration must be added to the application. It is an xml file that can be added by following these steps:

1. Edit the android/app/src/main/AndroidManifest.xml
2. Add the android:networkSecurityConfig="@xml/network_security_config" to the <application /> tag
3. Create the folder android/app/src/main/res/xml and inside a file called network_security_config.xml
4. If you don't want to install the CA in the Android certificates, add the folder android/app/src/main/res/raw

Variant 1: using the certificates added manually to Android.

In this case the CA must be visible in the User Certificates in the Android Settings. Try using them by opening a website that uses those certificates in Chrome to verify they are valid and correctly installed.

Content of the network_security_config.xml

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config>
        <!-- Localhost config is NEEDED from react-native for the bundling to work  -->
        <domain-config cleartextTrafficPermitted="true">
            <domain includeSubdomains="true">127.0.0.1</domain>
            <domain includeSubdomains="true">10.0.0.1</domain>
            <domain includeSubdomains="true">localhost</domain>
        </domain-config>

        <domain includeSubdomains="true">my.domain.com</domain>
        <trust-anchors>
            <certificates src="user"/>
            <certificates src="system"/>
        </trust-anchors>
    </domain-config>
</network-security-config>

The <certificates src="user"/> is the one giving access to the certificates installed manually.

Variant 2: using a certificate bundled with the app

You should export (using ssl) a pem certificate containing just the public key, naming it "ca" (no extension). Copy the certificate in the raw folder

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
    <domain-config>
        <!-- Localhost config is NEEDED from react-native for the bundling to work  -->
        <domain-config cleartextTrafficPermitted="true">
            <domain includeSubdomains="true">127.0.0.1</domain>
            <domain includeSubdomains="true">10.0.0.1</domain>
            <domain includeSubdomains="true">localhost</domain>
        </domain-config>

        <domain includeSubdomains="true">my.domain.com</domain>
        <trust-anchors>
            <certificates src="@raw/ca"/>
            <certificates src="system"/>
        </trust-anchors>
    </domain-config>
</network-security-config>

Important note (added on June 22, 2022)

The local traffic (with the packager) must be unencrypted. For this reason the <domain-config /> must contain the clearTrafficPermitted=true.
It is also important adding the ip addresses used from react-native when debugging otherwise the application will crash because of the android:networkSecurityConfig="@xml/network_security_config" attribute. If you see the app crashing, take not of the ip used internally from react native and add it/them to this list. For example:

<domain-config cleartextTrafficPermitted="true">
            <domain includeSubdomains="true">127.0.0.1</domain>
            <domain includeSubdomains="true">10.0.0.1</domain>
            <domain includeSubdomains="true">10.0.1.1</domain>
            <domain includeSubdomains="true">10.0.2.2</domain>
            <domain includeSubdomains="true">localhost</domain>
        </domain-config>

Requested fix: please never throw exceptions with a generic message, they are only a huge pain.

Version

0.67.0

Output of npx react-native info

info Fetching system and libraries information...
System:
OS: Windows 10 10.0.19044
CPU: (8) x64 Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Memory: 8.20 GB / 31.93 GB
Binaries:
Node: 16.13.0 - C:\Program Files\nodejs\node.EXE
Yarn: 1.22.4 - C:\Program Files (x86)\Yarn\bin\yarn.CMD
npm: 8.1.3 - C:\Program Files\nodejs\npm.CMD
Watchman: Not Found
SDKs:
Android SDK:
API Levels: 19, 23, 25, 26, 27, 28, 29, 30
Build Tools: 19.1.0, 21.1.2, 22.0.1, 23.0.1, 23.0.3, 26.0.2, 27.0.0, 28.0.0, 28.0.3, 29.0.2, 30.0.2
System Images: android-27 | Google APIs Intel x86 Atom, android-27 | Google Play Intel x86 Atom
Android NDK: 22.1.7171670
Windows SDK:
AllowDevelopmentWithoutDevLicense: Enabled
AllowAllTrustedApps: Enabled
Versions: 10.0.10586.0, 10.0.14393.0, 10.0.15063.0, 10.0.16299.0, 10.0.17134.0, 10.0.17763.0, 10.0.18362.0, 10.0.19041.0
IDEs:
Android Studio: Version 2020.3.0.0 AI-203.7717.56.2031.7935034
Visual Studio: 17.1.32104.313 (Visual Studio Enterprise 2022), 16.11.32002.261 (Visual Studio Enterprise 2019)
Languages:
Java: 1.8.0_302
npmPackages:
@react-native-community/cli: Not Found
react: 17.0.2 => 17.0.2
react-native: 0.66.4 => 0.66.4
react-native-windows: Not Found
npmGlobalPackages:
react-native: Not Found

Steps to reproduce

Use the above code to make an HTTPS request to a website protected with certificates that are not public.
They will not succeed with a generic exception (as for the issue title)

Repeat the request to a public website and it will succeed.
The issue is the exception being too generic.

Snack, code example, screenshot, or link to a repository

No response

[ariccio]

It looks like the underlying okhttp library has quite good error detection and reporting. Somehow though, either the react-native networking layer, or the whatwg-fetch doesn't capture that!

[raffaeler]

It is an habit in this repo to ignore important issues (not only this one) for a very long time.
I start believing RN is not that worthy to invest in.

[hoaxvo16]

I have same issue and solve by doing this, you can try

#24627 (comment)

[raffaeler]

Thank you @hoaxvo16 but I already posted the solution in this thread.
My request is react-native providing a decent error so that nobody else has to spend hours in trying to resolve it.
Also, since this an OSS project, it would be nice for some of the owner to "say something" instead of infinite silence.

[hoaxvo16]

@raffaeler yeah i know, took me over 3 hours to solve this, good thing is you learned something new :D

[amalmohann]

My issue was fixed when I restarted the emulator

[stefanoHTB]

I am still having the same issue! im trying to connect my react native app to django. i am using JWT. im trying to send a post method to my api but I get "TypeError: Network request failed" => Resolved every time i press the sign in button. i am using a real android device. im new to react so it is been very hard to solve this problem! can anybody help me pls? i already try all methods above but none seem to work

[flyskywhy]

fixed TypeError: Network request failed when upload file to http not https with Android debug builds

[nelsonprsousa]

I have this problem connecting with my hosted API (with a valid SSL certificate from Let's Encrypt) on Android Level 21 (Android 5), 22 (Android 5.1), 23 (Android 6) and 24 (Android 7).

After trying both variant 1 and 2 without success, I gave up and removed support for these Android versions (represent like 5% of market share to this day).

No idea what's happening, the error doesn't help 😞

[raffaeler]

@nelsonprsousa if the certificate on the API side is publicly verifiable, you should not have this issue at all.
My issue was about telling Android+React Native how to trust a private CA.

1. double check that your cerificate is correctly deployed by browsing the API from a browser (I assume it is)
2. verify the internal android error using adb logcat

[nelsonprsousa]

@nelsonprsousa if the certificate on the API side is publicly verifiable, you should not have this issue at all. My issue was about telling Android+React Native how to trust a private CA.

1. double check that your cerificate is correctly deployed by browsing the API from a browser (I assume it is)
2. verify the internal android error using adb logcat

Here's my API (checking on Desktop Chrome):

I am assuming it is publicly verifiable.

However, on those Android versions (from API 22 to API 24), I have the "Network request failed" error.

I noticed that trying to directly open the website on Chrome on those old Android versions brings this error, it should be related:

Certificate viewer:

So yeah, something weird on old Android version validating certificates?!

[raffaeler]

@nelsonprsousa if this behavior happens only on older Android version, it is possible that the CA used by letsencrypt was not already available on those versions.
If you scroll in the mobile Chrome app, you should see some hint about the CA not being trusted or another error like that

[nelsonprsousa]

@nelsonprsousa if this behavior happens only on older Android version, it is possible that the CA used by letsencrypt was not already available on those versions. If you scroll in the mobile Chrome app, you should see some hint about the CA not being trusted or another error like that

yeap.. I was reading on Google and there are some problems with letsencrypt and old Android versions that I don't fully understood.

Do you think that the solution you gave of bundling the certificate will solve this problem (already tried without success), or it is something else and I just hijacked this discussion? 😅

[raffaeler]

yeap.. I was reading on Google and there are some problems with letsencrypt and old Android versions that I don't fully understood.

Android ships a number of CAs that can only be updated with official security patches. If your CA was not shipped or updated at that time, of course it can't work.

Do you think that the solution you gave of bundling the certificate will solve this problem (already tried without success), or it is something else and I just hijacked this discussion? 😅

Bundling the certificate is a good solution whenever you need to use Android in an enterprise environment that works with a private CA.
In your case, you could try embedding the server certificate: exporting the CA (the one used by your letsencrypt certificate) from Windows in, converting with openssl, etc.. Not sure if it can work, it's not the scenario I described ad the beginning (and yes, you hijacked the thread 😅)

[nelsonprsousa]

yeap.. I was reading on Google and there are some problems with letsencrypt and old Android versions that I don't fully understood.

Android ships a number of CAs that can only be updated with official security patches. If your CA was not shipped or updated at that time, of course it can't work.

Do you think that the solution you gave of bundling the certificate will solve this problem (already tried without success), or it is something else and I just hijacked this discussion? 😅

Bundling the certificate is a good solution whenever you need to use Android in an enterprise environment that works with a private CA. In your case, you could try embedding the server certificate: exporting the CA (the one used by your letsencrypt certificate) from Windows in, converting with openssl, etc.. Not sure if it can work, it's not the scenario I described ad the beginning (and yes, you hijacked the thread 😅)

I'll try to find a solution for this specific problem elsewhere. Thank you for your support 🙏

[pedropankaj]

this work for me

[MuhammadAbdullah54321]

I am also facing same issue. my endpoint is https and not http. My other internet requests are working like those with Amplify

[raffaeler]

@MuhammadAbdullah54321 this issue is strictly related to fetching with HTTPS where the server is using a private or self-signed certificate.
In this case, if you carefully follow my points you should resolve the issue.

It is very bad that meta is not even answering or even checking the issues. This should be clarified and be part of the official documentation.

[turjoy-real]

Check if your SSL is properly configured here.

[raffaeler]

Check if your SSL is properly configured here.

This does not make any sense. The point of this entire thread is to use a non public CA as stated in the initial post, which is extremly common in any enterprise scenario.

The link you posted is a service that can only verify public websites. Also, I strongly reccomend to verify TLS (SSL does not exist anymore) using openssl utilities which are the most updated.

[CptKicks]

@raffaeler
out of curiosity? What is your backend stack?

[raffaeler]

The backend is ASP.NET Core but this doesn't make any difference. Any fetch on HTTPS involving a private CA would trigger the same issue.

[noalea]

I realized I was using the http version of the endpoint so then I switched it to https and it worked.

[thahseen21]

The backend is ASP.NET Core but this doesn't make any difference. Any fetc

I'm too using .net core facing the same issue, did you find any solution for it ?

[raffaeler]

I'm too using .net core facing the same issue, did you find any solution for it ?

Yes, I wrote "Resolved" in the title for a reason :-)
In the very first post I wrote the step-by-step to resolve this.

Anyway I am totally scared of Meta not taking in account the community about this. It's a real shame.

[ariccio]

Lemme just jump in that I'm always an advocate for bubbling as much error info up the stack as possible. There are those of us who go to great lengths, perhaps even cursed lengths, to make use of the info that is available from web fetch. It does actually make a big difference in debugging for those of us who go to these lengths, it's saved me untold hours of debugging, and its vastly more useful than the standard "failed to fetch" network error. If I had the time, and lacked the extreme disdain for Java, I'd write the patch myself!

[raffaeler]

Lemme just jump in that I'm always an advocate for bubbling as much error info up the stack as possible. There are those of us who go to great lengths, perhaps even cursed lengths, to make use of the info that is available from web fetch. It does actually make a big difference in debugging for those of us who go to these lengths, it's saved me untold hours of debugging, and its vastly more useful than the standard "failed to fetch" network error. If I had the time, and lacked the extreme disdain for Java, I'd write the patch myself!

Exactly! And let me say that there is a huge difference between creating a library for internal or public use.
It looks like that some Meta developers are bullying the devs outside their company by not propagating the error as it should be in any good framework.

BTW this happens too often in many frameworks when you get errors like "file not found" without the name, etc. etc.

[JoaoSoaresDev]

2023 and they haven't addressed this generic exception issue. I've been stuck on this for days, trying every solution and nothing works. I just wanted to know what the actual error is instead of shooting on the dark.

[polnikale]

In case anyone interested, I've had the same issue, and the source was very interesting.

We've added Certificate pinning to our app to make sure attackers can't spy the traffic, and hardcoded the public keys for the certificate. The certificate was recreated, but we didn't update these public keys.

Not the case which would happen for a lot of users tbh

[Moustafa-mahmaed]

what about ios ssl pinning ?!!!

[daraul]

It might be worth noting that I saw this error when I attempted to send a JSON.stringify'd body, without the 'Content-type':'application/json' header.

[KPB98115]

I have face the same issue when I am testing app on emulator and physical device, but the solution above do not work for me. Here is my react-native project info:

System:
    OS: macOS 13.4
    CPU: (8) arm64 Apple M1
    Memory: 90.45 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 18.14.0 - ~/.nvm/versions/node/v18.14.0/bin/node
    Yarn: Not Found
    npm: 9.3.1 - ~/.nvm/versions/node/v18.14.0/bin/npm
    Watchman: 2023.05.22.00 - /opt/homebrew/bin/watchman
  Managers:
    CocoaPods: 1.12.1 - /opt/homebrew/bin/pod
  SDKs:
    iOS SDK:
      Platforms: DriverKit 22.1, iOS 16.1, macOS 13.0, tvOS 16.1, watchOS 9.1
    Android SDK:
      API Levels: 32, 33
      Build Tools: 30.0.3, 33.0.0, 34.0.0
      System Images: android-33 | Google APIs ARM 64 v8a
      Android NDK: Not Found
  IDEs:
    Android Studio: 2022.2 AI-222.4459.24.2221.9971841
    Xcode: 14.1/14B47b - /usr/bin/xcodebuild
  Languages:
    Java: 18.0.2.1 - /usr/bin/javac
  npmPackages:
    @react-native-community/cli: Not Found
    react: 18.2.0 => 18.2.0 
    react-native: 0.71.10 => 0.71.10 
    react-native-macos: Not Found
  npmGlobalPackages:
    *react-native*: Not Found

I have add android:networkSecurityConfig="@xml/react_native_config" to AndroidManifest.xml, but my react-native project does not have xml dictionary in android/app/src/main, although I tried to create and add xml/react_native_config in android/app/src/main. However it shows following error:

FAILURE: Build completed with 2 failures.

1: Task failed with an exception.
-----------
* What went wrong:
Execution failed for task ':app:processDebugMainManifest'.
> Manifest merger failed : Attribute application@networkSecurityConfig value=(@xml/react_native_config) from
AndroidManifest.xml:17:7-67 is also present at AndroidManifest.xml:17:7-67 value=(@xml/network_security_config).
Suggestion: add 'tools:replace="android:networkSecurityConfig"' to <application> element at AndroidManifest.xml:7:5-13:19 to override.

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.
==============================================================================

2: Task failed with an exception.
-----------
* What went wrong:
java.lang.StackOverflowError (no error message)

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.

Am I miss something to fix?

[raffaeler]

I have face the same issue when I am testing app on emulator and physical device, but the solution above do not work for me.

The changes I wrote are well-documented in the Android docs. If you have errors, there is certainly something wrong with your project. You should first carefully fix them first.

[KPB98115]

I have face the same issue when I am testing app on emulator and physical device, but the solution above do not work for me.

The changes I wrote are well-documented in the Android docs. If you have errors, there is certainly something wrong with your project. You should first carefully fix them first.

Thank you for the reply. I have found the reason of that is because the manifest merger failed to merge debug/AndroidManifest.xml and main/AndroidManifest.xml, I make two AndroidManifest.xml have same user-permission configuration and it's work right now.

<!-- Two AndroidManifest.xml have same user-permission configure -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
    <uses-permission android:name="android.permission.INTERNET" />
    ...
</manifest>

[raffaeler]

and it's work right now.

This makes sense, thanks for the feedback.

[KPB98115]

I face a similar problem last week, this time it raise the TypeError: Network Request Failed when I upload a blob with formData, I have tried to append string into formData and work just fine, but not Blob. Here is my code:

const formData = new FormData();
formData.append('image', Blob, 'test.jpg)
fetch('http://api_end_point', {
    method: 'POST',
    header: { 'Content-Type': 'multipart/form-data' },
    boby: formData,
  }
).then(...).catch(...);
// Then raise TypeError: Network Request Failed

I have found some solutions: #28551 (comment), but still not able to fix my problem.
My React Native project info:

System:
    OS: macOS 13.4
    CPU: (8) arm64 Apple M1
    Memory: 90.45 MB / 16.00 GB
    Shell: 5.9 - /bin/zsh
  Binaries:
    Node: 18.14.0 - ~/.nvm/versions/node/v18.14.0/bin/node
    Yarn: Not Found
    npm: 9.3.1 - ~/.nvm/versions/node/v18.14.0/bin/npm
    Watchman: 2023.05.22.00 - /opt/homebrew/bin/watchman
  Managers:
    CocoaPods: 1.12.1 - /opt/homebrew/bin/pod
  SDKs:
    iOS SDK:
      Platforms: DriverKit 22.1, iOS 16.1, macOS 13.0, tvOS 16.1, watchOS 9.1
    Android SDK:
      API Levels: 32, 33
      Build Tools: 30.0.3, 33.0.0, 34.0.0
      System Images: android-33 | Google APIs ARM 64 v8a
      Android NDK: Not Found
  IDEs:
    Android Studio: 2022.2 AI-222.4459.24.2221.9971841
    Xcode: 14.1/14B47b - /usr/bin/xcodebuild
  Languages:
    Java: 18.0.2.1 - /usr/bin/javac
  npmPackages:
    @react-native-community/cli: Not Found
    react: 18.2.0 => 18.2.0 
    react-native: 0.71.10 => 0.71.10 
    react-native-macos: Not Found
  npmGlobalPackages:
    *react-native*: Not Found

[GNUGradyn]

Still to this day, the error messages for fetch network errors are super super vague. Is this going to get fixed?

[xts-bit]

@GNUGradyn You can use rn-fetch-blob fetch method instead of normal fetch

[GuillemGarciaDev]

POSIBLE SOLUTION

I faced the same problem (iOS working & Android failure) and in the end it turned out to be a problem because the domain to which the request was made contained an underscore (_) character. Removing the underscore by a dash solved the problem.

Previos domain
https://my_domain.com

Working domain
https://my-domain.com/

If you are using a domain other than localhost and use special characters it is possible that it may fail because of this. I will update my comment if I find any additional information.

I hope it helps 🙏🏻

[GreatGodson]

what do yo suggest for people using Expo, as there is no direct android folder of manifest file.

[raffaeler]

@GreatGodson I'm not very familiar with Expo.
In my opinion it's better to avoid it because:

• it does not provide full control over the framework and devices
• when you need to move from Expo to the standard sdk, the migration requires too much effort.
  I understand that is attractive for the initial simplicity, but I don´t think that you can solve with Expo, out of avoiding custom certificates.

[dev-jwel]

Does your server contains full cert chain rather than only single certification?
This was a problem in my case.

[raffaeler]

Does your server contains full cert chain rather than only single certification? This was a problem in my case.

@dev-jwel
Technically a server does not contain a chain. The just server uses a certificate emitted by either a CA or a SubCA.
In my case the server certificate was emitted by a SubCA, therefore I had to add the whole chain (CA+Sub) to the app. This is mandatory, otherwise the SubCA would not be trusted and the communication will fail anyway.

[csvan]

It's simply sad that this catastrophic DX failure in RN has been around essentially since the beginning, yet there still is no clear roadmap for fixing it (or simply propagating the underlying errors to make it actually debuggable). It's barely even being acknowledged, yet is one of the most asked-about problems with RN.

Thanks a ton @raffaeler for doing God's work documenting issues like this, RN would more or less be dead without community members like you.

[AbrahamBrookes]

is there an alternative library we can use in place of fetch? Ie axios or just the plain xhr? Something that sidesteps this whole issue entirely?

[thecodemonster1]

I also have same problem (I am struggling so much for this🥺) any can help me please🙏,
I want to connect appropriate api to my Android/iOS app.

• API is working fine (tested via postman)
• when i hosted (localhost) a db.json on json-server it is working (then, there is no problems in my fetch code)

but when i run the application and when i input the details is showing this on console error: [TypeError: Network request failed]

I check the all the possible ways on the internet

this is the link of this issue in stackoverflow

[csvan]

@thecodemonster1 try using the native logger (e.g. Logcat for Android) to capture more detailed information about why the call fails. The Metro console will not show you this.

[NicolasD27]

for me, replacing localhost or my local ip with 10.0.2.2 worked

[raffaeler]

@NicolasD27 do you realize that nobody can have any clue of what 10.0.2.2 represents in your network and that this issue should work regardless the IP assigned by the DHCP?

[billinghamj]

Has anyone tried using XMLHttpRequest.setInterceptor or RCTNetworking.addListener('didCompleteNetworkResponse' to get access to the original error data? Obv not super ideal, but should work I think?

From what I can tell, all use of fetch in RN-land is done with whatwg-fetch, which ultimately ends up in the XMLHttpRequest implementation, which is here: https://github.com/facebook/react-native/blob/main/packages/react-native/Libraries/Network/XMLHttpRequest.js

And the pertinent bits:

• react-native/packages/react-native/Libraries/Network/XMLHttpRequest.js

  Lines 555 to 557 in dbbb406

  	RCTNetworking.addListener('didCompleteNetworkResponse', args =>
  	this.__didCompleteResponse(...args),
  	),

• react-native/packages/react-native/Libraries/Network/XMLHttpRequest.js

  Lines 401 to 402 in dbbb406

  	XMLHttpRequest._interceptor &&
  	XMLHttpRequest._interceptor.loadingFailed(requestId, error);

On e.g. iOS, the -[NSError localizedDescription] should be accessible via either route (though you will also need to figure out your request IDs)

I think this is the most detailed info available on the JS side of the bridge

[billinghamj]

We ended up simplifying a bit by just patching react-native & whatwg-fetch to add a detail field to the errors. It doesn't change the error type or message, but the field should be visible to tools like Sentry, and will appear when serialized.

These are the patch files:

react-native+0.74.3.patch
whatwg-fetch+3.6.20.patch

We use patch-package to apply them

[fermellone]

Here is another solution.
adb reverse tcp:<your-server-port> tcp:<your-server-port>
It worked for me.

[asirialwis]

same issue here , when I replace ip address instead of the localhost, it works only for emulator. With the expo go , its not working.