Why does Kit Kat require the use of the isValidFragment?

Question

Ever since KitKat was released, I\'ve noticed a whole bunch of my apps updating with \"Fixing a crash in Kit Kat\". Recently when I released my own app, I figured out the likely

Answer 1

Here: http://commonsware.com/blog/2013/12/13/sanitize-all-the-extras.html it is suggested that this was introduced as a security fix:

PreferenceActivity supports extras to load specific PreferenceFragments into the activity. This is used heavily by the Settings app, to allow apps to drive straight into particular screens (actually fragments). Unfortunately, there was no logic in PreferenceActivity to ensure that only those fragments that were supposed to be externally reachable were loaded via these extras — hence, the addition of isValidFragment(). So, a properly-crafted Intent can open any exported PreferenceActivity and launch any PreferenceFragment from it, in the absence of such defenses.

(bold text added by me)