Your app(s) are vulnerable to Intent Redirection. startActivityForResult

My app had an Intent Redirection issue. After some time, I managed to track down the problem. The problem was

androidx.activity.ComponentActivity->startActivityForResult

which I was using in the broadcast receiver for SMS Retriever

  private final BroadcastReceiver smsVerificationReceiver = new BroadcastReceiver() {
    @Override
    public void onReceive(Context context, Intent intent) {
        if (SmsRetriever.SMS_RETRIEVED_ACTION.equals(intent.getAction())) {
            Bundle extras = intent.getExtras();
            Status smsRetrieverStatus = (Status) extras.get(SmsRetriever.EXTRA_STATUS);

            switch (smsRetrieverStatus.getStatusCode()) {
                case CommonStatusCodes.SUCCESS:
                    // Get consent intent
                    Intent consentIntent = extras.getParcelable(SmsRetriever.EXTRA_CONSENT_INTENT);
                    try {

                        startActivityForResult(consentIntent, SMS_CONSENT_REQUEST);

                    } catch (ActivityNotFoundException e) {
                        // Handle the exception ...
                    }
                    break;
                case CommonStatusCodes.TIMEOUT:
                    // Time out occurred, handle the error.
                    break;
            }
        }
    }
};

onActivityResult

  @Override
public void onActivityResult(int requestCode, int resultCode, Intent data) {
    super.onActivityResult(requestCode, resultCode, data);
    switch (requestCode) {

        case SMS_CONSENT_REQUEST:
            // data can be null even when the result code is RESULT_OK
            if (resultCode == RESULT_OK && data != null) {
                // Get SMS message content
                String message = data.getStringExtra(SmsRetriever.EXTRA_SMS_MESSAGE);
                // Extract one-time code from the message and complete verification
                
                if(message != null && message.contains("is")){
                    String pass = message.substring(message.indexOf("is") +2).trim();
                    
                    mEtCode.setText(pass);
                }

             } else {
                // Consent canceled, handle the error ...
            }
            break;
    }
}

I made some changes to fix this issue. Now, after uploading to Google Play, no vulnerability is shown. For more information, visit this link

    private final BroadcastReceiver smsVerificationReceiver = new BroadcastReceiver() {
    @Override
    public void onReceive(Context context, Intent intent) {
        if (SmsRetriever.SMS_RETRIEVED_ACTION.equals(intent.getAction())) {
            Bundle extras = intent.getExtras();
            Status smsRetrieverStatus = (Status) extras.get(SmsRetriever.EXTRA_STATUS);

            switch (smsRetrieverStatus.getStatusCode()) {
                case CommonStatusCodes.SUCCESS:
                    // Get consent intent
                    Intent consentIntent = extras.getParcelable(SmsRetriever.EXTRA_CONSENT_INTENT);
                    try {

                        // resolveActivity() returns null when no activity can handle the intent
                        ComponentName name = consentIntent.resolveActivity(getPackageManager());

                        if (name != null) {
                            Log.e(TAG, "onReceive: " + name.getPackageName() + " " + name.getClassName());
                        }

                        // Only launch the nested intent if it resolves to the expected consent activity
                        if (name != null && name.getPackageName().equalsIgnoreCase("com.google.android.gms") &&
                                name.getClassName().equalsIgnoreCase("com.google.android.gms.auth.api.phone.ui.UserConsentPromptActivity")) {

                            // Strip URI permission grants so the nested intent cannot hand out access
                            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
                                consentIntent.removeFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
                                consentIntent.removeFlags(Intent.FLAG_GRANT_WRITE_URI_PERMISSION);
                                consentIntent.removeFlags(Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION);
                                consentIntent.removeFlags(Intent.FLAG_GRANT_PREFIX_URI_PERMISSION);
                            }

                            someActivityResultLauncher.launch(consentIntent);
                        }
                    } catch (ActivityNotFoundException e) {
                        // Handle the exception ...
                    }
                    break;
                case CommonStatusCodes.TIMEOUT:
                    // Time out occurred, handle the error.
                    break;
            }
        }
    }
};

Result.

    ActivityResultLauncher<Intent> someActivityResultLauncher = registerForActivityResult(
        new ActivityResultContracts.StartActivityForResult(),
        result -> {
            // getData() can return null even when the result code is RESULT_OK
            if (result.getResultCode() == Activity.RESULT_OK && result.getData() != null) {
                // There are no request codes
                Intent data = result.getData();
                
                String message = data.getStringExtra(SmsRetriever.EXTRA_SMS_MESSAGE);
                // Extract one-time code from the message and complete verification

                if(message != null && message.contains("is")){
                    String pass = message.substring(message.indexOf("is") +2).trim();

                    mEtCode.setText(pass);
                }
            }
        });
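
As an added example (not code from the original post), the same checks can be gathered into one helper that also covers cases the receiver above does not: a missing nested intent, a null result from `resolveActivity()`, and devices below API 26, where `removeFlags()` is unavailable. The class and method names are hypothetical; the package and activity names are the ones the post checks against.

```java
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.os.Build;

/** Hypothetical helper, added for illustration; not part of the original post. */
final class ConsentIntentGuard {
    // Expected target, taken from the check in the post.
    private static final String GMS_PACKAGE = "com.google.android.gms";
    private static final String CONSENT_ACTIVITY =
            "com.google.android.gms.auth.api.phone.ui.UserConsentPromptActivity";

    private static final int URI_GRANT_FLAGS =
            Intent.FLAG_GRANT_READ_URI_PERMISSION
                    | Intent.FLAG_GRANT_WRITE_URI_PERMISSION
                    | Intent.FLAG_GRANT_PERSISTABLE_URI_PERMISSION
                    | Intent.FLAG_GRANT_PREFIX_URI_PERMISSION;

    private ConsentIntentGuard() {}

    /** Returns an intent that is safe to launch, or null if the nested intent must be dropped. */
    static Intent sanitize(Context context, Intent nested) {
        if (nested == null) {
            return null; // extra missing or of the wrong type
        }
        // resolveActivity() returns null when no activity can handle the intent.
        ComponentName target = nested.resolveActivity(context.getPackageManager());
        // Package and class names are case-sensitive, so compare them exactly.
        if (target == null
                || !GMS_PACKAGE.equals(target.getPackageName())
                || !CONSENT_ACTIVITY.equals(target.getClassName())) {
            return null;
        }
        Intent safe = new Intent(nested); // work on a copy, leave the received intent untouched
        safe.setComponent(target);        // pin the launch to the component that was checked
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O) {
            safe.removeFlags(URI_GRANT_FLAGS);
        } else {
            // removeFlags() needs API 26; clear the same bits by hand on older devices.
            safe.setFlags(safe.getFlags() & ~URI_GRANT_FLAGS);
        }
        return safe;
    }
}
```

In the receiver, the launcher is then called only when `ConsentIntentGuard.sanitize(context, consentIntent)` returns a non-null intent.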