Android deep links: Is Android hacked? By default, any URL can be deep-linked into your app!

Exploring Android World

I was debugging a deep link issue in the app, and there I discovered that a lot of apps have some issue with deep links, as stated in the article below.

While investigating further and exploring how to fix it, I came across this issue, which could be a loophole in Android itself.

The background

As we know, if we want our app to handle certain URLs as deep links by default (without asking whether they should open in Chrome), we can follow the steps recommended in the documentation:

1. Register our URL with the host, scheme, path, etc., as shown in the example code below, and make sure android:autoVerify="true" is set

    <activity ...>
        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="http" android:host="www.example.com" />
            <data android:scheme="https" />
        </intent-filter>
    </activity>

2. Set up the assetlinks.json file on our host domain correctly, with the relevant information, as shown below

    [{
      "relation": ["delegate_permission/common.handle_all_urls"],
      "target": {
        "namespace": "android_app",
        "package_name": "com.example",
        "sha256_cert_fingerprints":
        ["14:6D:E9:83:C5:73:06:50:D8:EE:B9:95:2F:34:FC:64:16:A0:..."]
      }
    }]

If everything is done correctly, the registered URL will deep link into your app without the user being asked which app should open it.

You are only allowed to deep link registered URLs

So when you test it out, only the URLs you have defined as data in your AndroidManifest.xml file, i.e. https://www.example.com, deep link into your app.

If you try on any other URL, it will not deeplink into your App. This is expected, all good.

Trying to hack it by registering more URLs

Even if you try to be funny and add other popular hosts (e.g. Facebook, Google, Apple, CNN, etc.) as shown below, and the app is installed for the first time, Android will just ask the user whether they want these URLs to deep link into your app.

    <activity ...>
        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="http" android:host="www.example.com" />
            <data android:scheme="https" />
            <data android:host="www.google.com" />
            <data android:host="www.facebook.com" />
            <data android:host="www.apple.com" />
            <data android:host="www.cnn.com" />
        </intent-filter>
    </activity>

Not only does it not link into your app by default for those URLs (since your assetlinks.json is not on those hosts), it also breaks default deep linking for your official URL.

So that’s all good.

So what's the hack?

Okay, let's first do what's legitimate, where the manifest only has the URL whose domain you own, with a proper assetlinks.json hosted there.

    <activity ...>
        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="http" android:host="www.example.com" />
            <data android:scheme="https" />
        </intent-filter>
    </activity>

You compile and ship your app. Users start clicking the links, and the app has been "approved" to have the default URL linked into it with no questions asked.

Ship a new version of the app with more domains

So in the next version of your app, you add more URLs (even though you don't own their domains):

    <activity ...>
        <intent-filter android:autoVerify="true">
            <action android:name="android.intent.action.VIEW" />
            <category android:name="android.intent.category.DEFAULT" />
            <category android:name="android.intent.category.BROWSABLE" />
            <data android:scheme="http" android:host="www.example.com" />
            <data android:scheme="https" />
            <data android:host="www.google.com" />
            <data android:host="www.facebook.com" />
            <data android:host="www.apple.com" />
            <data android:host="www.cnn.com" />
        </intent-filter>
    </activity>

Compile and ship it.

Now the user just upgrades the app without reinstalling it. This user has previously followed a deep link to your www.example.com, and your app has been verified.

If a link to any of the hosts you defined above (e.g. Facebook, Google, Apple, CNN, etc.) comes in and the user clicks on it… it will automatically deep link into your app WITHOUT ANY FURTHER VERIFICATION!

That means if you register many, many domain hosts in your deep link filter, your app will get lots of redirected visits!
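A release-review check for the upgrade scenario above, as an added example that is not from the original article: it compares two versions of a manifest and lists hosts newly added to autoVerify filters whose assetlinks.json does not name the app's package and signing certificate. The manifests, the SERVED statements, the placeholder fingerprints and com.other.app are constructed for illustration; a real check would fetch each host's /.well-known/assetlinks.json over HTTPS.

```python
import json
import xml.etree.ElementTree as ET

A = "{http://schemas.android.com/apk/res/android}"  # android: attribute namespace
RELATION = "delegate_permission/common.handle_all_urls"
CERT = "AA:BB:CC:DD"  # placeholder fingerprint, not a real certificate

def claimed_hosts(manifest_xml):
    """Return (package, hosts named in autoVerify="true" intent filters)."""
    root = ET.fromstring(manifest_xml)
    hosts = {d.get(A + "host") for f in root.iter("intent-filter")
             if f.get(A + "autoVerify") == "true" for d in f.iter("data")}
    return root.get("package"), hosts - {None}

def vouches(statements, package, cert):
    """True if a host's assetlinks.json delegates URL handling to package+cert."""
    return any(RELATION in s.get("relation", [])
               and s.get("target", {}).get("namespace") == "android_app"
               and s.get("target", {}).get("package_name") == package
               and cert in s.get("target", {}).get("sha256_cert_fingerprints", [])
               for s in json.loads(statements or "[]"))

def unverified_additions(old_xml, new_xml, served, cert):
    """Hosts an update adds to its autoVerify filters that do not vouch for it."""
    package, new_hosts = claimed_hosts(new_xml)
    added = new_hosts - claimed_hosts(old_xml)[1]
    return sorted(h for h in added if not vouches(served.get(h), package, cert))

def make_manifest(hosts):  # constructed manifest: one autoVerify filter for `hosts`
    data = "".join(f'<data android:host="{h}" />' for h in hosts)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android"'
            ' package="com.example"><application><activity>'
            '<intent-filter android:autoVerify="true">'
            '<action android:name="android.intent.action.VIEW" />'
            f'<data android:scheme="https" />{data}'
            '</intent-filter></activity></application></manifest>')

def statement(package, cert):
    """Constructed assetlinks.json body naming one package and certificate."""
    return json.dumps([{"relation": [RELATION], "target": {
        "namespace": "android_app", "package_name": package,
        "sha256_cert_fingerprints": [cert]}}])

# Constructed stand-in for each host's /.well-known/assetlinks.json (None = absent).
SERVED = {"www.example.com": statement("com.example", CERT),
          "www.google.com": statement("com.other.app", "11:22:33:44"),
          "www.cnn.com": None}
V1 = make_manifest(["www.example.com"])  # first release
V2 = make_manifest(["www.example.com", "www.google.com", "www.cnn.com"])  # update
print(unverified_additions(V1, V2, SERVED, CERT))  # ['www.cnn.com', 'www.google.com']
```

A non-empty result means the update claims hosts that have not delegated URL handling to this package and certificate, which is the condition a reviewer would want to block before release.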

I sincerely hope Google patches this up, to avoid this loophole being taken advantage of by some parties. I have reported it to Google here.

Thanks for reading. ~Elye~

Translated from: https://medium.com/swlh/android-hacked-any-link-could-be-linked-to-your-app-by-default-4b49e3692949
