All geek questions in one place

Android permits to restrict INSTALL_REFERRER to play in storage

I’m setting up campaign tracking with user analytics (not Google analytics) and setting up a receiver for this. My receiver seems to be working, but when I install, I get a warning from the android:

ExportedReceiver: Receiver does not require permission

It looks like any old Android app can call my app with the intent of com.android.vending.INSTALL_REFERRER , which I don't want. It should only be the Google Play store (or any other Android system application that installs my application from the play store), sending this intention to my application.

So, I tried to figure out how to set the resolution, which limits the valid applications in the play store, but I can not determine the correct way to set the resolution according to the documentation:

https://developer.android.com/guide/topics/manifest/permission-element.html

Can someone help me set up a resolution restricting the applications that my application will accept this intention to the play store? Here is my current receiver configuration:

  <receiver android:name=".referrals.MyCampaignTrackingReceiver" android:enabled="true" android:exported="true"> <intent-filter> <action android:name="com.android.vending.INSTALL_REFERRER"/> </intent-filter> </receiver>

I tried to set the permission for the recipient to normal , but this did not allow the application to get the intention from the game store.

+6
source share
4 answers

Permission to broadcast INSTALL_REFERRER does not cause much concern. Assuming that you know that you need to process this broadcast only once, immediately after installation, and you take measures to process it only once, the attacker will need to know when your application was installed, and somehow send this broadcast before playstore application, which seems unlikely.

+2
source

You need to set the android:permission attribute of your receiver. To make it look something like this:

 <receiver android:name=".referrals.MyCampaignTrackingReceiver" android:enabled="true" android:exported="true" android:permission="android.permission.CLEAR_APP_CACHE"> <intent-filter> <action android:name="com.android.vending.INSTALL_REFERRER"/> </intent-filter> </receiver>

Using "android.permission.CLEAR_APP_CACHE" is arbitrary here, you can use any permission that the Play Store has and is not suitable for third-party applications to have (since the protection level CLEAR_APP_CACHE is system|signature only system applications or applications signed with the same certificate, as the application that declared this permission, in this case the platform). For example, browsing , showing the Play Store manifest, "com.android.vending.permission.C2D_MESSAGE" might be another good candidate.

Hope this helps.

+3
source

Third-party applications cannot broadcast this intention. This is blocked. And permission to send is granted only to system applications. enter image description here enter image description here

0
source

How about this application, I can use the Ozbek method

? xml version = "1.0" encoding = "utf-8" standalone = "no"?> manifest xmlns: android = "http://schemas.android.com/apk/res/android" android: hardwareAccelerated = "true" package = "com.sayoo.twlive" platformBuildVersionCode = "10700" platformBuildVersionName = "1.7.0"> android screen support: anyDensity = "true" android: largeScreens = "true" android: normalScreens = "true" android: resizeable = "true "android: smallScreens =" ​​true "android: xlargeScreens =" ​​true "/> uses permission android: name =" android.permission.INTERNET "/> uses permission android: name =" android.permission.ACCESS_NETWORK_STATE "/> uses permission android: name = "android.permission.WAKE_LOCK" /> uses-permission android: name = "android.permission.MODIFY_AUDIO_SETTINGS" /> uses-permission android: name = "android.permission.WRITE_EXTERNAL_STORAGE" /> using -permission android: name = "com.sec.android.provider.badge.permission.READ" /> uses-permission android: name = "com.sec.android.provider.badge.permission.WRITE" /> uses- android resolution: name = "com.htc.launcher.permission. READ_SETTINGS "/> uses permissions android: name =" com.htc.launcher.permission.UPDATE_SHORTCUT "/> uses permissions android: name =" com.sonyericsson.home.permission.BROADCAST_BADGE "/> uses permissions android: name = "com.anddoes.launcher.permission.UPDATE_COUNT" /> uses-permission android: name = "com.majeur.launcher.permission.UPDATE_BADGE" /> uses-permission android: name = "com.google.android.providers. gsf.permission.READ_GSERVICES "/> uses-permission android: name =" com.google.android.c2dm.permission.RECEIVE "/> uses-permission android: name =" com.google.android.finsky.permission.BIND_GET_INSTALL_REFERRER_SERVICE " /> android application: hardwareAccelerated = "true" android: icon = "@ mipmap / icon" android: label = "@ string / app_name" android: supportRtl = "true"> activity android: configChanges = "locale | keyboard | keyboard hidden | Orientation | screenSize "android: label =" @ string / activity_name "android: launchMode =" singleTask "android: name =" com.sayoo.twlive.MainActivity "android: screenOrientation =" portrait "android: theme =" @androi d: style / Theme.DeviceDefault.NoActionBar "android: windowSoftInputMode =" AdjustResize "> Android intent filter: label =" @ string / launcher_name "> android action: name =" android.intent.action.MAIN "/> category android: name =" android .intent.category.LAUNCHER "/> / intent-filter> intent-filter android: name =" io.branch.sdk.UriScheme "> action android: name =" android.intent.action.VIEW "/> category android: name = "android.intent.category.DEFAULT" /> category android: name = "android.intent.category.BROWSABLE" /> data android: circuit = "twlive" /> / intent-filter> intent -filter android: autoVerify = "true" android: name = "io.branch.sdk.AppLink"> android action: name = "android.intent.action.VIEW" /> category android: name = "android.intent.category.DEFAULT" /> category android: name = "android.intent.category.BROWSABLE" /> data android: host = "twlive.app.link" android: scheme = "https "/> data android: host =" twlive- alternate.app.link "android: circuit =" https "/> / intent-filter> / activity> provider android: authority =" com.sayoo.twlive.emailcomposer .provider " android: exported = "false" android: grantUriPermissions = "true" android: name = "de.appplant.cordova.emailcomposer.Provider"> android metadata: name = "android.support.FILE_PROVIDER_PATHS" android: resource = "@ xml / emailcomposer_provider_paths "/> / provider> provider android: members =" com.sayoo.twlive.sharing.provider "android: exported =" false "android: grantUriPermissions =" ​​true "android: name =" nl.xservices.plugins.FileProvider " > android metadata: name = "android.support.FILE_PROVIDER_PATHS" android: resource = "@ xml / shared_ paths "/> / provider> android service: enabled =" true "android: exported =" false "android: name =" com.google.android.gms.measurement.AppMeasurementService "/> android service: name =" org.apache .cordova.firebase.FirebasePluginMessagingService "> intent filter> action android: name =" com.google. firebase.MESSAGING_EVENT "/> / intent-filter> / service> receiver android: name =" org.apache.cordova.firebase.OnNotificationOpenReceiver "/> receiver android: enabled =" true "android: name =" nl.xservices.pl ugins.ShareChooserPendingIntent "> intent filter> action android: name =" android.intent.action.SEND "/> / intent filter> / recipient> recipient android: exported =" true "android: name =" io.branch. referral.InstallListener "> intent-filter> action android: name =" com.android.vending.INSTALL_REFERRER "/> / intent-filter> / receive> android metadata: name =" io.branch.sdk.BranchKey "android value launchMode = "singleTask" android: name = "com.google.firebase.auth.internal.FederatedSignInActivity" android: missions = "com.google.firebase.auth.api.gms.permission.LAUNCH_FEDERATED_SIGN_IN" android: theme = "@android: style / Theme.Translucent.NoTitleBar "/> android service: exported =" false "android: name =" com.google.firebase.components.ComponentDiscoveryService "> metadata android: name =" com.google.firebase.components: com. google.firebase auth.FirebaseAuthRegistrar "android: value =" com.google.firebase.components.ComponentRegistrar "/> metadata android: name =" com.google.firebase.components: com.google.firebase.perf.FirebasePerfRegistrar "android: value =" com.google.firebase.components.ComponentRegistrar "/> android metadata: name =" com.google.firebase.components: com.google.firebase.remoteconfig.RemoteConfigRegistrar "android: value =" com.google.firebase.components.ComponentRegistrar "/> android metadata: name =" com.google.firebase.components: com.google.firebase.analytics.connector.internal.AnalyticsConnectorRegistrar "android: value =" com.google.firebase.components. ComponentRegistrar "/> metadata android: name =" com.google.firebase.components: com.google.firebase.iid.Registrar "android: value =" com.google.firebase.components.ComponentRegistrar "/> metadata android: name = "com.google.firebase.components: com.google.firebase.abt.component.AbtRegistrar" android: value = "com.google.firebase.components.ComponentRegistrar" /> / service> provider andro id: members = "com. sayoo.twlive.crashlyticsinitprovider "android: exported =" false "android: initOrder =" 100 "android: name =" com.crashlytics.android.CrashlyticsInitProvider "/> android service: exported =" false "android: name =" com. google.firebase.messaging.FirebaseMessagingService "> intent filter android: priority =" -500 "> action android: name =" com.google.firebase.MESSAGING_EVENT "/> / intent-filter> / service> provider android: members =" com.sayoo.twlive.firebaseperfprovider "android: exported =" false "android: initOrder = "101" android: name = "com.google.firebase.perf.provider.FirebasePerfProvider" /> android service: enabled = "true" android: exported = "false" android: name = "com.google.android.gms .tagmanager.TagManagerService "/> activity android: exported =" true "android: name =" com.google.android.gms.tagmanager.TagManagerPreviewActivity "android: noHistory =" true "> intent filter> data android: scheme =" tagmanager .c.com.sayoo.twlive "/> action android: name =" android.intent.action.VIEW "/> category android: name =" andro id.intent.category.DEFAULT "/> category android: name =" android.intent.category.BROWSABLE "/> / intent-filter> / activity> receiver android: exported =" true "android: name =" com.google.firebase.iid.FirebaseInstanceIdReceiver "android: Permission =" com.google. android.c2dm.permission.SEND "> intent filter> action android: name =" com.google.android.c2d m.intent.RECEIVE "/> / intent filter> / recipient> activity android: exported =" false "android: name =" com.google.android.gms.common.api.GoogleApiActivity "android: theme =" @android : style / Theme.Translucent.NoTitleBar "/> provider android: members =" com.sayoo.twlive.firebaseinitprovider "android: exported =" false "android: initOrder =" 100 "android: name =" com.google.firebase. provider.FirebaseInitProvider "/> receiver android: enabled =" true "android: exported =" false "android: name =" com.google.android.gms.measurement.AppMeasurementReceiver "/> receiver android: enabled =" true "android: exported = "true" android: name = "com.google.android.gms.measurement.AppMeasurementInstallReferrerRec eiver" android: permission = "android.permission.INSTALL_PACKAGES"> intent filter> action android: name = "com.android.vending. INSTALL_REFERRER "/> / receiver-filter> / receive atelier> android service: enabled = "true" android: exported = "false" android: name = "com.google.android.gms.measurement.AppMeasurementJobService" android: permission = "android.permission.BIND_JOB_SERVICE" /> android metadata: name = "com.google.android.gms.version" android: value = "@ integer / google_play_services_version" /> / application> / manifest>

0
source

Source: https://habr.com/ru/post/1014752/

More articles:


All Articles