...
Chin, et al., [Chin 2011] point points out that, if a malicious component is able to intercept the intent, then it can access the data at the URI. Implicit intents can be intercepted by any component so, if the data is intended to be private, any intent carrying data privileges must be explicitly addressed, rather than being implicit. (See DRD03-J. Do not broadcast sensitive information using an implicit intent for more information about the interception of implicit intents.)
...
An application could intercept the implicit intent and access the data at the URI.
Compliant Solution
In this compliant solution the intent is made explicit so that it cannot be intercepted:
Code Block | ||
---|---|---|
| ||
TBD |
...