Getting an error on uploading an app to the Google Play store
You uploaded an APK or Android App Bundle which has an activity, activity alias, service or broadcast receiver with intent filter, but without the 'android:exported' property set. This file can't be installed on Android 12 or higher. See: developer.android.com/about/versions/12/behavior-changes-12#exported
All activities, activity alias, services, or broadcast receivers that have intent-filter are marked with android:exported.
The app installs to device and emulator running Android 12 without errors. Also, Android Studio doesn't report any error on merged AndroidManifest file.
Any ideas what could be wrong when there are no errors on the development environment but Google Play store still complains? How this can be resolved?
I think mentioned link in your question answers itself.
In simple words, if your app is responding to system or by other apps and if that is intended then you need set android:exported=true else false. I mean if your app activity gets opened by any other app or your app listens to other apps broadcasts or your app starts any service by other apps then this case is involved.
Doing this will resolve your issue on play store while publishing app. This assessment is done as part of behaviour changes when targeting android 12
https://developer.android.com/about/versions/12/behavior-changes-12#exported
Update : Add below tag in all your activities, services, broadcasts etc.
android:exported="false/true" based on above explanation.
E.g.
<service android:name="com.example.app.backgroundService"
android:exported="false">
<intent-filter>
<action android:name="com.example.app.START_BACKGROUND" />
</intent-filter>
</service>
Dexguard can be the cause of this issue. Add rule -keepresourcexmlattributenames manifest/** to your Dexguard/Proguard file.
The original answer found https://stackoverflow.com/a/70703375/1474153
Related
We are migrating our Device policy app to Android 12 last API. during our test we notice that the intent PROVISIONING_SUCCESSFUL was never received so the related activity never started , instead of that ACTION_PROFILE_PROVISIONING_COMPLETE is well received in our admin receiver.
The documentation and comment in the aosp source says that :
PROVISIONING_SUCCESSFUL Action is sent to indicate that provisioning of a managed profile or managed device has completed successfully.
It'll be sent at the same time as DeviceAdminReceiver#ACTION_PROFILE_PROVISIONING_COMPLETE broadcast but this will be delivered faster as it's an activity intent.
ProvisioningSuccessActivity entry in manifest :
<activity
android:exported="true"
android:name=".ProvisioningSuccessActivity"
android:permission="android.permission.BIND_DEVICE_ADMIN">
<intent-filter>
<action android:name="android.app.action.PROVISIONING_SUCCESSFUL"/>
<category android:name="android.intent.category.DEFAULT"/>
</intent-filter>
</activity>
I'm wondering if someone encountered the same issue ? thanks
I believe Karthi Keyan is right
As is said by a contributor to the google testing app for provisioning, the famous testdpc
They migrated all entry points to provisioning to use intents
android.app.action.GET_PROVISIONING_MODE and android.app.action.ADMIN_POLICY_COMPLIANCE
https://github.com/googlesamples/android-testdpc/issues/133#issuecomment-944367382
I also need to migrate the EMM app to suit Android 12 and I will adopt this approach
From Android 12, you will need to include the new changes to support provisioning as DPC.
https://developer.android.google.cn/work/versions/android-12#deprecations
Follow the steps given here https://developers.google.com/android/work/play/emm-api/prov-devices#set_up_device_owner_mode_google_account.
Answering to the question on the reason for PROVISIONING_SUCCESSFUL never received, it is expected as per the flow. The documentation from Android is not updated to reflect the behaviour.
Please refer to the source code https://cs.android.com/android/platform/superproject/+/android-12.1.0_r8:packages/apps/ManagedProvisioning/src/com/android/managedprovisioning/finalization/ProvisioningIntentProvider.java;l=48
where we can confirm that ComplianceScreen is launched instead of ProvisioningSuccessful Screen if the setup is part of setup wizard.
Good day,
In my simple Andorid app which is really just a webview app, I added android:exported="false" in Android Manifest to avoid the Exported service without permissions warning / vulnerability. However when I run it on my device it would give App is not installed error, unless I change it to android:exported="true", then the app would launch fine on my device.
I then tried to add a permission tag as follows to avoid the "Exported service without permissions" warning but the app would not run again. What would be best to have the app running correctly? I don't really need to export any service.
The internet permissions is for some annotation links in my app which would open in an external browser.
Sorry if I'm missing something basic as I'm new to Android development, thanks for any pointers.
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package=com.mymundane.app">
<uses-permission android:name="android.permission.INTERNET" />
<permission android:name=com.mymundane.app.mypermission"
android:label="mypermission" android:protectionLevel="signature">
</permission>
<application
android:allowBackup="true"
android:icon="#mipmap/ic_launcher"
android:label=com.mymundane.app"
android:roundIcon="#mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="#style/AppTheme"
android:fullBackupContent="#xml/backup_descriptor">
<activity android:name=com.mymundane.app.MainActivity"
android:exported="true" android:screenOrientation="portrait"
android:permission=com.mymundane.app.mypermission">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
</application>
</manifest>
The "exported" attribute describes whether or not someone else can be allowed to use it.
So if you have "exported=false" on an Activity, no other app, or even the Android system itself, can launch it. Only you can do that, from inside your own application.
So settings "exported=false" on the Activity marked as the LAUNCHER Activity would basically tell the system that it cant launch your application, ever.
As for the error you mentioned, i don't see any services in your manifest? Where is that warning shown for you?
Since this is the first thing that pops up on Google when searching "android:exported = false meaning", its worth mentioning that the statement from the most upvoted answer:
So if you have "exported=false" on an Activity, no other app, or even the Android system itself, can launch it. Only you can do that, from inside your own application
is wrong.
According to the Android <activity> documentation:
If exported="false", the activity can be launched only by components of the same application, applications with the same user ID, or privileged system components. This is the default value when there are no intent filters.
The exported tag prevents a (non-system) launcher from launching the activity. However, it is wrong to state that exported="false" stops the component from being started from anything that is not the application itself. This is particularly important when it comes to system manifest broadcasts (e.g. BOOT_COMPLETED). Boot broadcast receivers will still activate even if exported="false".
You uploaded an APK or Android App Bundle which has an activity, activity alias, service, or broadcast receiver with intent filter, but without the 'android: exported' property set. This file can't be installed on Android 12 or higher. See: developer.android.com/about/versions/12/behavior-changes-12#exported
for better experience read the official android doc.
https://developer.android.com/about/versions/12/behavior-changes-12#exported
Note: sometimes this error occurred when you are using old payUMoney SDK. so replace this with payUcheckout pro SDK then your problem is solved.
thank you.
I'm setting up campaign tracking using custom analytics (not google analytics) and setting up a receiver for that. My receiver seems to be working, but when I install I get an android lint warning:
ExportedReceiver: Receiver does not require permission
It looks like any old android app could call my application with the com.android.vending.INSTALL_REFERRER intent which I do not want. It should only be the Google Play Store (or any other android system application that would install my app from the play store) sending that intent to my application.
So I've tried to figure out how to set up a permission that limits the valid applications to the play store, but I can't figure out the correct way to set up the permission according to the documentation:
https://developer.android.com/guide/topics/manifest/permission-element.html
Could someone help me setup a permission that limits the applications my application will accept this intent from to the play store? Here's my current receiver config:
<receiver
android:name=".referrals.MyCampaignTrackingReceiver"
android:enabled="true"
android:exported="true">
<intent-filter>
<action android:name="com.android.vending.INSTALL_REFERRER"/>
</intent-filter>
</receiver>
I tried setting a permission for the receiver at the normal level but that prevented the app from receiving the intent from the playstore.
You need to set android:permission attribute on your receiver. So that it will look something like this:
<receiver
android:name=".referrals.MyCampaignTrackingReceiver"
android:enabled="true"
android:exported="true"
android:permission="android.permission.CLEAR_APP_CACHE">
<intent-filter>
<action android:name="com.android.vending.INSTALL_REFERRER"/>
</intent-filter>
</receiver>
Usage of "android.permission.CLEAR_APP_CACHE" here is arbitrary, you can use any permission that Play Store has AND is not possible for third-party apps to have (because CLEAR_APP_CACHEs protection level is system|signature only system apps or apps signed with the same certificate as the application that declared this permission; in this case the platform). For example, looking through Play Store's manifest suggests, "com.android.vending.permission.C2D_MESSAGE" could be another good candidate.
Hope this helps.
INSTALL_REFERRER broadcast permission is not a great concern. Assuming you know you need to handle this broadcast only once, right after install, and you take measures to handle it only once, an attacker will have to know when your app has been installed and somehow send this broadcast before the playstore app, which seems unlikely.
3rd party apps can not broadcast this intent. It is blocked. And permission to send is only granted to system apps.
I am trying to receive SMS from my android app. I have following receiver specified in my manifest.
<receiver android:exported="true" android:name="com.lahiruchandima.myapp.SMSReceiver">
<intent-filter>
<action android:name="android.provider.Telephony.SMS_RECEIVED" />
</intent-filter>
</receiver>
SMSReceiver successfully receives SMS if my app is installed and opened once (app does not need to be running at the moment the SMS is received to the device). But, if i do not open my app at least once after a fresh install, it doesn't receive any SMS.
Does anybody know a way to make it possible to receive SMS without opening the app at least once?
Does anybody know a way to make it possible to receive SMS without opening the app at least once?
It can't be done, on newer Android versions at least. Ever since Android 3.1, apps are installed in a stopped state, and require that the user open it at least once before components like your BroadcastReceiver can function. This is for security reasons, to prevent, or at least hamper, malicious program behavior.
I'm working with Mark Murphy's excellent Commonsware books - but it's a lot to digest. I built the 'FakePlayer' app (pretends to be an mp3 player). It contains a service. As a learning experience I tried to write a trivial app (has only a button) whose click handler does:
Intent i = new Intent();
i.setAction("com.example.cwfakeplayer.MyPlayerService");
Context context = getApplicationContext();
context.startService(i);
It worked fine - the service start ok. I noticed Eclipse complaining about no permission on the service, so I updated the service's manifest by adding 2 lines, android:permissions and android:exported:
<service
android:name="MyPlayerService"
android:permission="com.example.fakeplayer.permission.MY_PLAYER_PERMISSION"
android:exported="true"
<intent-filter>
<action android:name="com.example.fakeplayer.MyPlayerService"></action>
</intent-filter>
</service>
I reloaded the player app onto the device (I'm using a Galaxy S2) using 'debug' under eclipse. It seemed to work; the starter app caused a permission exception, which I expected.
I then added to the starter app's manifest (to give it the permission):
<manifest
...
<uses-sdk ....
....
<uses-permission android:name="com.example.fakeplayer.permission.MY_PLAYER_PERMISSION" />
I reloaded the starter app onto the device (using debug under Eclipse). Still get the permission error in the starter app.
I removed both apps from the device and reinstalled (using debug...), service app first, then starter. Still get perm error.
I am working my way through the 'how to use a remote service' section of Mr. Murphy's Advanced Android book, so I realized this is not the best way perhaps to work across apps.
I did a 'adb shell dumpsys package', located the starter app, and found it had 'permissionsFixed=false' and no 'grantedPermissions' section. I take this to mean the manifest change in the starter app did not manage to get the perm added to the app. But I have no idea why. As a learning experience, it's generated only confusion so far....
Any clues greatly appreciated! Thanks!
I updated the service's manifest by adding 2 lines, android:permissions and android:exported
Technically, android:exported="true" is superfluous, as having the <intent-filter> automatically makes the <service> be exported.
I removed both apps from the device and reinstalled (using debug...), service app first, then starter. Still get perm error.
You do not show where you ever declare the custom permission with the <permission> element. In practice, if you control both apps, put the same <permission> element in both manifests, so the order of installation of your two apps no longer matters.
Try replace this in your manifest
<service android:name="com.example.fakeplayer.MyPlayerService"></service>
instead of
<service
android:name="MyPlayerService"
android:permission="com.example.fakeplayer.permission.MY_PLAYER_PERMISSION"
android:exported="true"
<intent-filter>
<action android:name="com.example.fakeplayer.MyPlayerService"></action>
</intent-filter>
</service>
If this doesn't work, kindly post out your error.