Recently, My app update got rejected due to Security Vulnerability INTENT REDIRECTION. And as per Google Play console - Security Alerts. Following is the error.
Your app contains an Intent Redirection vulnerability. Please see this bellow mail.
androidx.fragment.app.FragmentActivity.startActivityForResult
after few days we can chat customer support send one mail
I update All dependence in gradel file. after manifest change Exported: "false", we are using camera and gallery and External Documents upload I check the Android web Site update all things up-to-date but I don't found any suspicious code. please help me solve this problem for more details bellow I add my gradle and manifest file
gradle apply plugin: 'com.android.application' apply plugin: 'com.google.gms.google-services'
android {
compileSdkVersion 30
defaultConfig {
applicationId "com.example.flowerbazaarseller"
minSdkVersion 21
targetSdkVersion 30
versionCode 30
versionName "1.14"
multiDexEnabled true
vectorDrawables.useSupportLibrary = true
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
}
buildTypes {
debug {
debuggable false
}
release {
shrinkResources false
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
}
}
compileOptions {
sourceCompatibility JavaVersion.VERSION_1_8
targetCompatibility JavaVersion.VERSION_1_8
}
lintOptions {
checkReleaseBuilds false
}
}
dependencies {
implementation fileTree(dir: "libs", include: ["*.jar"])
implementation 'androidx.appcompat:appcompat:1.2.0'
implementation 'androidx.constraintlayout:constraintlayout:2.0.4'
implementation 'androidx.recyclerview:recyclerview:1.2.0'
implementation 'androidx.viewpager:viewpager:1.0.0'
//JUnit
testImplementation 'junit:junit:4.13.2'
androidTestImplementation 'androidx.test.ext:junit:1.1.2'
androidTestImplementation 'androidx.test.espresso:espresso-core:3.3.0'
//swipeRefresh
implementation 'androidx.swiperefreshlayout:swiperefreshlayout:1.1.0'
//material theme
implementation 'com.google.android.material:material:1.4.0-alpha02'
//Retrofit
implementation 'com.squareup.retrofit2:retrofit:2.9.0'
implementation 'com.google.code.gson:gson:2.8.6'
implementation 'com.squareup.retrofit2:converter-gson:2.9.0'
implementation 'com.squareup.okhttp3:logging-interceptor:5.0.0-alpha.2'
//Compressor
implementation 'id.zelory:compressor:3.0.1'
//CropImage
//noinspection GradleDynamicVersion
api 'com.theartofdev.edmodo:android-image-cropper:2.8.0'
implementation 'com.github.yalantis:ucrop:2.2.6'
//Glide
implementation 'com.github.bumptech.glide:glide:4.12.0'
annotationProcessor 'com.github.bumptech.glide:compiler:4.12.0'
//OTP retriever
//implementation 'com.google.android.gms:play-services-auth:19.0.0'
//implementation 'com.google.android.gms:play-services-auth-api-phone:17.5.0'
//Dexter Permission handler
implementation 'com.karumi:dexter:6.2.2'
//lottie animation
implementation 'com.airbnb.android:lottie:3.6.1'
//firebase
implementation platform('com.google.firebase:firebase-bom:25.12.0')
implementation 'com.google.firebase:firebase-analytics'
implementation 'com.google.firebase:firebase-messaging:21.1.0'
implementation 'com.google.firebase:firebase-database:19.7.0'
//multi-dex
implementation 'com.android.support:multidex:1.0.3'
//play-core-library
implementation 'com.google.android.play:core:1.10.0'
//Pdf viewer
implementation 'com.github.barteksc:android-pdf-viewer:2.8.2'
implementation 'com.mindorks.android:prdownloader:0.6.0'
//Easy Image (using take images and fetch gallery)
implementation 'com.github.jkwiecien:EasyImage:3.2.0'
}
Here are the permission I have added manifest file :
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-feature
android:name="android.hardware.camera"
android:required="false" />
<uses-feature
android:name="android.hardware.camera.autofocus"
android:required="false" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
tools:ignore="ScopedStorage" />
<uses-permission android:name="android.permission.CAMERA" />
<uses-permission android:name="android.permission.CALL_PHONE" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.BLUETOOTH" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<queries>
<!-- Camera -->
<intent>
<action android:name="android.media.action.IMAGE_CAPTURE" />
</intent>
<!-- Gallery -->
<intent>
<action android:name="android.intent.action.PICK" />
<data android:mimeType="vnd.android.cursor.dir/image" />
</intent>
<!-- Document -->
<intent>
<action android:name="android.intent.action.PICK" />
<data android:mimeType="vnd.android.cursor.dir/application" />
</intent>
</queries>
Camera:
Intent takePicture = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
if (takePicture.resolveActivity(getPackageManager()) != null) {
tartActivityForResult(takePicture, CAMERA_REQ_CODE);
}
Gallery:
Intent intent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
intent.setType("image/*");
intent.putExtra(Intent.EXTRA_ALLOW_MULTIPLE, false);
intent.setAction(Intent.ACTION_GET_CONTENT);
if (intent.resolveActivity(getPackageManager()) != null) {
startActivityForResult(Intent.createChooser(intent, "select Picture"), PICK_GALLERY_IMAGE);
}
Document:
Intent chooseFile = new Intent(Intent.ACTION_OPEN_DOCUMENT);
chooseFile.setType("application/*");
chooseFile.addCategory(Intent.CATEGORY_OPENABLE);
chooseFile.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
startActivityForResult(chooseFile, PICK_FILE_REQUEST_CODE);
above i add all my code snippets can you check once please tell me where is the problem.
Thanks.