I am developing an android app which will track all the http and https request of my phone and display that request as an result.
So please anyone suggest me how to do that using android app.
Funny I just ran across this a couple of minutes before reading your question. They are talking about an app that does exactly the same thing. From the text of this post I can assume that this is no small feat. They have taken the approach of setting up a virtual enviroment to capture all http requests. This requires rooting your phone. I would expect if you wanted to check a particular app you could load the app in an emulator and log the emulator's requests.
Related
I have android 10 huawei phone.
I found out that when I receive an sms with a link in it, my phone does a background request to the linked url.
For the test, I've made a custom link to my apache server. And checked the logs. I can see a regular GET request coming from non-my IP (66.102.9.127 which seems to be a google-related IP).
I know about the OG. But my settings state that I should explicitly click the preview area to load the OG.
That looks like a security breach, as some services may send my one-time verification links. And it seems, like google does some scanning on my messages and checks the links in it.
You might wanna check any base application comes with the phone doing that or not, instead of google. Any trace logs?
We have very strange issue.
We are using godaddy domain and google cloud for hosting.
We have App on Android and iOS everything seems working fine.
But Android app taking 40 second to call API. As server log showing request served in 100ms.
This happens with particular when we are on cellular data. All other websites loading fast.
Issue happen Android app + Idea cellular only.
When we hit same API URL on mobile browser it works normal. But in app it takes 40sec to 4 min to get response.
In ios app we are not facing this issue with idea cellular network.
We are unable to debug this issue.
Thanks in advance..
check if the cellular is consuming any proxy. if so disable it and try again. if the problem persists then use cloud flare or google DNS. I hope it will help you out.
I'm developing an app and I use volley to fetch data from server in background . Can anyone see the urls I have used in my app?
If yes then how? and how can I prevent anyone from seeing them?
Yes, people could see what URLs are used. Specifically:
Users can decompile your app, and read the URLs from the decompiled source. Use an obfuscator such as Proguard to make this more difficult.
Users can also attach a debugger to your app at runtime, again revealing the data. Remember that the user has full control over the device and anything running on it.
Users can use a network traffic sniffer, eg Wireshark, or a firewall which logs all traffic, in order to see what your app is requestion. Make sure you're using HTTPS in order to make this harder. Make sure you also implement HTTPS correctly, especially, this means to not simply accept all certificates.
You cannot completely prevent people from seeing the URLs your app is using, since the app is running on the user's device, where the user can do anything he wants with it. You can only make it harder.
See also:
How to avoid reverse engineering of an APK file?
Android - Get the URL of a file being downloaded, which I answered a while back.
Yes, for example you can open chrome developer console and look at requests that are being made from your app if you are developing web app. In case of mobile app, everyone also can sniffer internet traffic, for example connecting to your own wifi router and listen to traffic, or use special tools like portswigger.
You cant prevent your urls from being revealed anyway, but you can use https in order to hide data you send.
Hope this ll help.
Since I am new to android I am confused with the concept of server for android app. After going through different tutorials I landed up at openfire server. I have done with setting up the server on my computer. If I turn off my computer the server will be closed and app will stop working I guess. How the real time chatting app work. How to get a real time server which will be available to the user 24/7. Please help me get rid off it.
Seems like you have setup server on your local machine. This requires your system to be turned on always. Try hosting it in a third party environment. Hope this helps!
I have an app on multiple platforms and i want to add a check to make sure the call is happening from the app. How can i verify this?
The app is a video game which is trying to post high scores back to the server which receives https calls.
The calls should be as secure as possible since i dont want people to post insane scores by decompiling any of the apk.
Update...
I found something for android : http://developer.android.com/reference/com/google/android/gms/auth/GoogleAuthUtil.html
I am still looking for IOS and Kindle.