Androidmanifest security configuration

Hello, I’m not sure if I am in the right category, but I have a question about security configuration.

For the security team at the company where I work, I need to set the following properties to false:

android:exported="false" (inside <activity>)
android:grantUriPermissions="false" (inside <provider>)

The problem with setting android:exported to false is that it’s no longer possible to debug the application using adb. Does anyone know a way to overcome this issue?

Also, setting android:grantUriPermissions to false crashes the app on startup. Does anyone know how to set it to false and still be able to grant specific permissions? Or only allow the Ionic app to have permissions to access the Android native files.

Current working AndroidManifest file:

<?xml version='1.0' encoding='utf-8'?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
    <application
      android:networkSecurityConfig="@xml/network_security_config"
      android:allowBackup="false"
      android:icon="@mipmap/ic_launcher"
      android:label="@string/app_name"
      android:roundIcon="@mipmap/ic_launcher_round"
      android:supportsRtl="true"
      android:theme="@style/AppTheme">
        <activity
                android:configChanges="orientation|keyboardHidden|keyboard|screenSize|locale|smallestScreenSize|screenLayout|uiMode"
                android:exported="true"
                android:label="@string/title_activity_main"
                android:launchMode="singleTask"
                android:name=".MainActivity"
                android:theme="@style/AppTheme.NoActionBarLaunch">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />
                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
        <provider android:authorities="${applicationId}.fileprovider"
                  android:exported="false"
                  android:grantUriPermissions="true"
                  android:name="androidx.core.content.FileProvider">
            <meta-data android:name="android.support.FILE_PROVIDER_PATHS" android:resource="@xml/file_paths" />
        </provider>
    </application>
    <uses-permission android:name="android.permission.READ_MEDIA_IMAGES" />
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
    <uses-permission android:name="android.permission.INTERNET" />
    <uses-permission android:name="android.permission.USE_BIOMETRIC" />
</manifest>

Matthieu

1 post - 1 participant

Read full topic