How do I implement this on android? Not the design but the functionality. Is there a way I can get/change permissions that other apps have from my app?
For instance, get a list of all the permissions Facebook has and remove or add certain permissions.
Thank you for your response.
Related
I am trying to implement app links into my app to make sure that other malicious apps cannot register for my URL.
I read the guide on app links here https://developer.android.com/training/app-links/verify-site-associations.html and I have mostly understood it. But one thing which is not clear to me is how can I prevent malicious apps from receiving my domain links if my app is not installed.
Consider this scenario.
1. My app is not installed on the user's device
2. Some malicious app is and it knows the URL that my app handles
Wouldn't this launch the malicious app and it can intercept my URL if the user selects that app from the disambiguation dialog? Is there any way to prevent it?
I understand that android:autoVerify="true" will trigger the domain verification when the app is installed, but what if the app is not installed?
Whether the user has the app installed or not, the "illegal" app won't be able to handle your links since it has not access to your domain in order to save there the needed JSON file. Am I clear?
There is a JSON file that is required during App Link configuration, that has to be uploaded to your server (that includes your app ID), through which your web-app basically says to the Android OS 'this is my counterpart on Android devices, I authorise it to handle these URLs'. Since app IDs are unique, there is no way another app can meet those conditions.
To quote the docs:
An Android App Link is a deep link based on your website URL that has
been verified to belong to your website.
So, although an app may register an <intent-filter> it ALSO has to be verified by the website whose URL it's trying to handle. And this happens on the server, so, out of the reach of a mobile client.
See also HERE for a more detailed explanation.
I have just completed my app which I have React Native using Expo. It is my first time uploading an APP to Play Store. After I got finished uploading my APP and all the requirements I got an Email from Google that my APP got Rejected, and I have no idea how to fix the issues they have listed.
=====================================================================
Here are the reasons:
The declared function DEVICE_AUTOMATION is allowed, but not approved for the specific permissions that are listed in your manifestREAD_SMS . These excess permissions READ_SMS must be removed from your app manifest
The declared functionality DEVICE_AUTOMATION is determined to be unnecessary or not aligned with the core functionality of your app.
=====================================================================
Any help would be grateful.
Best Regards
Musayyab
Starting from Jan 9, 2019, Google starts restricts the use of high risk or sensitive permission including SMS or Call Log.
According to mail, you can't use READ_SMS permission in your application. (It does not matter what application make by whatever language) Indeed, Google just judge 'Your application doesn't need READ_SMS function'.
If you tried to use READ_SMS as OTP(or Phone Authentication), You can use SMS Retriever API to achieve almost same feature.
In other cases, there are no alternatives available at this time.
Android apps have something called Permissions which the app tell s the phone what it would like to do. The purpose of these is to protect the privacy of the Android User.
Google Play has recently got stricter in what apps it will allow to use some of these permissions, as they are often used by abusive apps. One of these permissions is READ_SMS. If an app is granted this permission it is allowed to read all of the users SMS messages.
It sounds from your comment like you don't want your app to read the users SMS messages. So in this case the check worked - your app was asking for a permission it didn't need. You should remove the request for the READ_SMS permission from your app.
There are instructions on editing the permissions in a react native app here. So possibly you added this permission to your AndroidManifest.xml file. If you did, then you should remove it.
If you didn't add it yourself, it is a possible a bad third-party library you added to your app added the permission. If so you should stop using that library.
Could you help me?
I have a question about permission required by using admob in my application. Are these permissions really necessary? I've found some app on PlayStore they are using ads without any permissions? How can I do it?
Thanks for your suggestions
The internet access permission does not by default show up when you are downloading an app under the permissions that the app uses (i.e. "The app requires no special permissions to run." In this example the app could still use internet access. Google simply gave every app the permission, however you still need to declare that you use the permission in your application). If you have checked the permissions manually (using a program) and the application does not use the internet access permissions then the "ads" are likely just pictures that when clicked open your browser. Thus they require no internet access.
However to use admob the INTERNET ACCESS permission is required, the reason you don't see it is because Google no longer states whether application have this permission or not.
Internet permission is required now. Although, existing app with no Internet permission still works.
I have integrated facebook SDK in my ANDROID app for sharing functionality,and as per facebook guidline it will asks for permissions before sharing anything if user doesn't grant it before.
so,does there any way to remove that permissions dialog or if it can handle it in background without showing it over the my android app??
Note:for FB SDK integration I am not using webview dialog or FB dialog , I have implemented my own dialog view for sharing and I am sharing with installed Native FB App.
I'm fairly certain it's against the Facebook policy to post on the user's behalf without their explicit permission to access their data.
You may use Account Information in accordance with your privacy policy and other Facebook policies. All other data may only be used outside your app after you have obtained explicit user consent.
See policy.
How can I create whitelist with root-granted apps? Other apps must be denied whithout any prompt.
I'm looking for existing solution or some advice how to write app with this features.
You should checkout Superuser on the market. This app can manage what apps have root access to the device.
use
Download Magisk Manager
solutions 1
its have feature for app selection for pregranted and for other apps
solutions 2
first manually grant permission from Magisk app
set default Aotometic Response -> Deny
be free to ask for more help :)