On Android, declaring an intent filter for an activity in the AndroidManifest.xml file exports the activity to other apps. If the activity is intended solely for the app's internal use and an intent filter is declared, any other app, including malware, can activate the activity for unintended use.

...

This noncompliant code example shows an AndroidManifest.xml file for an application that exports the activity to other apps, but does not restrict access to its sensitive activity:

...

android:name refers to the name of the class that implements this activity. The name of the package is "jp.co.vulnerable", so the fully qualified name of the class implementing this activity is jp.co.vulnerable.media.yfrog.YfrogUploadDialog. Because the intent filter is defined, this activity is exported to other apps.

Compliant Solution (Do not export activity)

In this compliant solution the activity is not exported:

AndroidManifest.xml

<!-- android:exported="false" keeps this activity from being started by other apps -->
<activity android:configChanges="keyboard|keyboardHidden|orientation"
          android:name=".media.yfrog.YfrogUploadDialog"
          android:theme="@style/VulnerableTheme.Dialog"
          android:windowSoftInputMode="stateAlwaysHidden"
          android:exported="false">
</activity>
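A manifest audit that applies this rule, as an added example that is not part of the original page: it lists every activity other apps can start, either because android:exported="true" is set or because an intent filter is declared without android:exported. The sample manifest, its intent action names and SettingsActivity are constructed for illustration, and the script assumes a plain-text manifest (decoded, not the binary XML stored inside an APK).

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"

# Constructed sample manifest; the action names and SettingsActivity are
# hypothetical and not taken from the original page.
SAMPLE_MANIFEST = """
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="jp.co.vulnerable">
  <application>
    <activity android:name=".media.yfrog.YfrogUploadDialog">
      <intent-filter>
        <action android:name="jp.co.vulnerable.ACTION_UPLOAD" />
        <category android:name="android.intent.category.DEFAULT" />
      </intent-filter>
    </activity>
    <activity android:name=".SettingsActivity" android:exported="false">
      <intent-filter>
        <action android:name="jp.co.vulnerable.ACTION_SETTINGS" />
      </intent-filter>
    </activity>
  </application>
</manifest>
"""

def _android(elem, attr):
    """Read an android:-namespaced attribute, or None if it is absent."""
    return elem.get(f"{{{ANDROID_NS}}}{attr}")

def exported_activities(manifest_xml):
    """Return [(fully_qualified_class, reason)] for exported activities."""
    root = ET.fromstring(manifest_xml.strip())
    package = root.get("package", "")
    findings = []
    for activity in root.iter("activity"):
        name = _android(activity, "name") or ""
        if name.startswith("."):  # relative name: prepend the package
            name = package + name
        exported = _android(activity, "exported")
        has_filter = activity.find("intent-filter") is not None
        if exported == "true":
            findings.append((name, 'android:exported="true"'))
        elif exported is None and has_filter:
            findings.append((name, "intent filter declared, android:exported not set"))
    return findings

if __name__ == "__main__":
    for cls, reason in exported_activities(SAMPLE_MANIFEST):
        print(f"EXPORTED {cls}: {reason}")
```

Each finding still needs a manual decision: an activity that must be reachable from other apps, such as the launcher activity, is exported on purpose.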

...