# Print output for @column tags ?>
public
final
class
UnsafeIntentLaunchViolation
extends Violation
java.lang.Object | |||
↳ | java.lang.Throwable | ||
↳ | android.os.strictmode.Violation | ||
↳ | android.os.strictmode.UnsafeIntentLaunchViolation |
Violation raised when your app launches an Intent
which originated
from outside your app.
Violations may indicate security vulnerabilities in the design of your app,
where a malicious app could trick you into granting Uri
permissions
or launching unexported components. Here are some typical design patterns
that can be used to safely resolve these violations:
PendingIntent
, which
ensures that your launch is performed using the identity of the original
creator, completely avoiding the security issues described above.
PendingIntent
isn't feasible, an alternative approach
is to create a brand new Intent
and carefully copy only specific
values from the original Intent
after careful validation.
Note that this may detect false-positives if your app sends itself
an Intent
which is first routed through the OS, such as using
Intent#createChooser
. In these cases, careful inspection is required
to determine if the return point into your app is appropriately protected
with a signature permission or marked as unexported. If the return point is
not protected, your app is likely vulnerable to malicious apps.
Public constructors | |
---|---|
UnsafeIntentLaunchViolation(Intent intent)
|
Public methods | |
---|---|
Intent
|
getIntent()
Return the |
Inherited methods | |
---|---|
public UnsafeIntentLaunchViolation (Intent intent)
Parameters | |
---|---|
intent |
Intent : This value cannot be null . |