I have that vulnerability according to google play console.
It's supposed that the solution is to add .setPackage()
or .setClassName()
to the intent but now the activity is not being recognized. How can I use this function?
The intent as it was with the vulnerability is this:
@Override
public void onBackPressed() {
super.onBackPressed();
Intent intent = new Intent("independent.dev.ui.mainactivity");
intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK);
startActivity(intent);
}
The solution that I tried adding the package name:
@Override
public void onBackPressed() {
super.onBackPressed();
Intent intent = new Intent("independent.dev.ui.mainactivity");
intent.setPackage("independent.dev.ui.Activities");
intent.addFlags(Intent.FLAG_ACTIVITY_CLEAR_TASK);
startActivity(intent);
}
my AndroidManifest.xml
is this
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="independent.dev.ui.Activities">
.
.
.
<activity
android:name=".MainActivity"
android:configChanges="orientation|keyboardHidden"
android:label="Menu Principal"
android:screenOrientation="portrait">
<intent-filter>
<action android:name="independent.dev.ui.mainactivity" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
How can I set the package so I can navigate and delete this vulnerability?