I'm porting an old game from AdMob to the latest AdMob with Firebase. I was using a deprecated version of AdMob.
I want the smallest integration as possible, I don't want Firebase analytics. I have a working integration (using Android Studio project), but when uploading my apk to Google Play, I realized new permissions were automatically added:
android.permission.WAKE_LOCK
com.frozax.hashiextreme.permission.C2D_MESSAGE
com.google.android.c2dm.permission.RECEIVE
What is this C2D thing? I don't want and don't need it. com.frozax.hashiextreme is the package name of my app. It looks like it's added from firebase-iid, but I don't want it either.
Is there a way to ignore these? I try to have as few permissions as possible.
In my dependecies, I only have
compile 'com.google.firebase:firebase-ads:9.0.0'
I tried to remove
classpath 'com.google.gms:google-services:3.0.0'
But it's not working and I still have these permissions.
Thanks
I have the same issue.
As described in this Reddit post you can add some lines to your manifest to avoid that:
<uses-permission android:name="android.permission.WAKE_LOCK" tools:node="remove" />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" tools:node="remove" />
<uses-permission android:name="your.app.package.permission.C2D_MESSAGE" tools:node="remove" />
But I definitively do not know if there will be an impact on Firebase integration.
Related
I am using the reactiveBLE library (which is by the way excellent, thank you for that).
However, with the newer version, it brings its own manifest file, so I don´t have to add any permissions to mine. The manifest file of reactiveBLE and one of my app are supposed to be merged together when building the app.
Because different rules are needed for different APIs, reactiveBLE adjusts its permissions accordingly. It seems that for Bluetooth, android.permission.ACCESS_FINE_LOCATION and android.permission.ACCESS_COARSE_LOCATION are only needed for APIs 23 - 30.
The code is then (for example):
uses-permission-sdk-23
android:name="android.permission.ACCESS_FINE_LOCATION"
android:maxSdkVersion="30"
However, as I also include other location services (which do need these permissions for other APIs as well), I would have to remove the "android:maxSdkVersion="30" part. This is also recommended in the official documentation:
official documentation on how to remove maxSdkVersion
However, this is not possible, because the manifest file of reactiveBle is generated automatically each time I build something (and my changes are overwritten again).
The app is working fine, but I am getting errors in the Play Console when uploading the app to the Playstore.
Please advise how I can merge the manifest files properly, so I do not get an error when uploading to the Play Console.
Kind regards
René
This solution from reactiveBLE issues worked for me.
To prevent conflicts with you own permissions, in your AndroidManifest.xml file include:
<uses-permission-sdk-23 android:name="android.permission.ACCESS_FINE_LOCATION" tools:node="remove"/>
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION"/>
<uses-permission-sdk-23 android:name="android.permission.ACCESS_COARSE_LOCATION" tools:node="remove"/>
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/>
You will also need to add xmlns:tools="http://schemas.android.com/tools" in the manifest tag at the top of the file.
Good day.
In my cordova app I don't use ACCESS_BACKGROUND_LOCATION, and there is no any uses-permission strings about ACCESS_BACKGROUND_LOCATION in config.xml neither in AndroidManifest.xml, but when I try to upload APK into Google Play, it's failed and Google says that I use at least one feature that uses access to the location in background. I want to delete ACCESS_BACKGROUND_LOCATION clearly.
What I need to do?
I added
<uses-permission android:name="android.permission.ACCESS_BACKGROUND_LOCATION" tools:node="remove" />
to AndroidManifest.xml. Is that enough?
I just updated one app from Firebase 9.0.0 to Firebase 9.0.2.
I use messaging + ads.
compile 'com.google.firebase:firebase-messaging:9.0.2'
compile "com.google.firebase:firebase-ads:9.0.2"
Now a lot of unwanted permission have cropped up
android:name="android.permission.READ_PHONE_STATE"
android:name="android.permission.READ_EXTERNAL_STORAGE"
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
I didn't add those permissions anywhere, so they must be from Firebase.
I know my clients don't like these permissions, so I removed them with
<uses-permission
android:name="android.permission.READ_PHONE_STATE"
tools:node="remove" />
<uses-permission
android:name="android.permission.READ_EXTERNAL_STORAGE"
tools:node="remove" />
<uses-permission
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
tools:node="remove" />
My app still works, messaging and ads still work, still I'd like my suspicions confirmed.
Why does Firebase add those permissions and is it really ok to remove them like I did?
This issue was fixed in 12.0.1. Source https://developers.google.com/android/guides/releases
March 28, 2018 - Verison 12.0.1
Issues fixed in 12.0.1:
Fixes issue that caused spurious Android lint errors claiming
GoogleSignIn and CredentialsClient were internal-only.
Adds missing
minSdkVersion in -license artifacts to prevent automatic inclusion of
READ_PHONE_STATE and READ_EXTERNAL_STORAGE permissions.
Restores
unique package names for runtime linked -license artifacts which
affected some build systems' (e.g. Ionic Pro) compatibility issues.
Restores some fields names that were obfuscated in 12.0.1, namely the
value() method of #PropertyName annotations in firebase-firestore and
firebase-database.
android:name="android.permission.READ_PHONE_STATE"
android:name="android.permission.READ_EXTERNAL_STORAGE"
android:name="android.permission.WRITE_EXTERNAL_STORAGE"
these permissions are different they are not used in fcm.
PHONE_STATE permission to know current state of phone
and READ_EXTERNAL_STORAGE and WRITE_EXTERNAL_STORAGE to add and delete file in memory from your app, if you are not using any of these functionalities you can remove it.
I 've imported an Eclipse project to Android Studio and now it has added 3 more permissions to the APK.
Coarse, Get Accounts, Use Credentials.
How do I remove these? It seems that they were added from the google play services lib somehow.
Fixed by enforcing removal:
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" tools:node="remove" />
After updating my play-services-fitness api from 7.0.0 to 7.5.0 I noticed that when I go to upload a new build to the PlayStore it tells me that I am adding a new permission and 2 new features. I did not do this! What the heck.
After doing some research to pin down the culprit it was in fact play-services-fitness:7.5.0 that was to blame. By including that in your project (compile 'com.google.android.gms:play-services-fitness:7.5.0') and compiling it will inject the <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION"/> into your AndroidManifest.xml. So the PlayStore is correct, you are asking to use new permissions and features. You can confirm this by checking your build/intermediaries/manifests/full/[debug|release]/AndroidManifest.xml file. There you will see the new permission added. To remove this you simply add <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" tools:node="remove" /> to your own manifest and it will be stripped out during the manifest merge process.
You will crash if/when you do use a Fitness API that requires that permission but if you can guarantee that you won't use it then there you have it.