Search code examples
androidgoogle-play-consoleandroid-security

App vulnerable to Intent Redirection issue

I am getting this app vulnerable to Intent Redirection issue message from Google whenever I upload my app on play store. I am getting this message science I have integrated pdf file selection code from device. Here is my File selection code Snippet:

if(Permissions.checkPermissionStorage(CompanyProfileMediaUploadActivity.this)){
                    File file = new File( Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS),brochure_nextkey+".pdf");
                    Uri pdfUri = FileProvider.getUriForFile(CompanyProfileMediaUploadActivity.this, "com.main.mccoymartbusiness.fileproviders", file);
                    intent = new Intent(Intent.ACTION_OPEN_DOCUMENT);
                    intent.addCategory(Intent.CATEGORY_OPENABLE);
                    intent.setDataAndType(pdfUri, "application/pdf");
                    intent.addFlags(Intent.FLAG_ACTIVITY_NO_HISTORY);
                    intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
                    startActivityForResult(intent, PICKFILE_RESULT_CODE);
                }else{
                    Permissions.requestPermissionStorage(CompanyProfileMediaUploadActivity.this);
                }

Here my code of onActivityResuly

if (requestCode == PICKFILE_RESULT_CODE) {

            getContentResolver().takePersistableUriPermission(
                    intent.getData(),
                    Intent.FLAG_GRANT_READ_URI_PERMISSION
            );
            InputStream iStream = null;
            byte[] inputData = null;
            try {
                iStream = getContentResolver().openInputStream(intent.getData());
                inputData = getBytes(iStream);
            } catch (Exception e) {
                e.printStackTrace();
            }


            uploadCompanyBrochureApi(brochure_nextkey,inputData);
        }

In my OnActivityResult I am converting file in byte array and uploading it on server from my internal api.

Although Google support team is not mentioning any particular line of code or class which are causing this issue, but I am getting this vulnerable issue regularly after integrating this code.
Here is what warning I am getting from google: [![enter image description here][1]][1]

Please let me know for any solution for this. Thanks in advance. [1]: https://i.sstatic.net/If0Mq.png

Solution

  • Finally I got the solution of this issue. I found I was using Cashfree SDK and YouTubeAndroidPlayerApi.jar in libs folder. I have removed these from libs folder and updated these lines in my gradles:

    implementation 'com.github.davidmigloz:youtube-android-player-api-gradle:1.2.2.1'
implementation 'com.cashfree.pg:android-sdk:1.6.1'

maven { url 'https://maven.cashfree.com/release'

    And also updated the Facebook sdk version.

    For implicit and explicit Intent redirection I have also updated my code and add if(intent.resolveActivity(getPackageManager()) != null) and if (name.getPackageName().equals(name.getPackageName())&&name.getClassName().equals(name.getClassName())) check.

    Thanks.