Your app contains an Intent Redirection vulnerability

孤人 提交于 2019-12-18 06:19:09

问题


I launched a game to the Google Play store recently and it was going good until now. I just received an email from Google that says that "One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk " and tells me I need to fix it by August 13.

I personally don't collect or demand any user data or info. However, I used Google Admob ads with Facebook mediation and Unity ads in my game which may be the cause of this problem. So, my question is how to overcome this problem? They also said in the email to make changes in the manifest file. If any one has a similar problem and knows the solution for it, your help would be appreciated.

Here is the email:

"One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk. On August 13, 2019, any apps that contain unfixed security vulnerabilities beyond the dates listed on your Play Console alerts will be removed from Google Play.

Action required

Sign in to your Play Console. Select Alerts to see which apps contain a security vulnerability, and review the guidance on how to resolve the vulnerability. Update your affected apps to fix the vulnerabilities. Submit the updated versions of your affected apps. Upon resubmission, your app will be reviewed again. This process can take several hours. If the app passes review and is published successfully then no further action is required. If the app fails review then the new app version will not be published and you will receive notification via email."


回答1:


I have a same issue, actually Latest Unity Add Xiaomi SDK by default which cause this issue.

Simple remove Xiaomi from your Unity it will fix the issue.




回答2:


We had received a similar email, In the Play Console/Alert tab, we found this

for us, the reason is "com.androidnative.features.social.common.SocialProxyActivity.StartActivity" which come from Android Native asset[Ultimate Mobile] - Unity3D.

We used that asset for Advertisements, In-app purchase and play game services instead of using the original SDK. So the possible solution is to remove that asset from our game and use the original SDK.




回答3:


Here is the Screenshot of my alert.




回答4:


Ihsan Ali

The problem is in the UnityChannel.aar file, you need to open it with the help of the archiver and open the AndroidManifest.XML. I in the line android:exported="true" wrote a false as indicated in the article in Google. Now publish the version and if the error will no longer be reported.




回答5:


I had the same issue. Just remove xiaomi app game centre from your unity>>game build option. Disabling it will surely clear out the issue.



来源:https://stackoverflow.com/questions/56175958/your-app-contains-an-intent-redirection-vulnerability

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!