So I just tried to update a long-standing Unity built game on the Play Store but received a rejection mail back from Google as follows :
Intent Redirection -
Your app(s) are vulnerable to Intent Redirection.
They offer a link with 3 separate remedies
TBH, The only option I understand here is no.1 (change androidexported to false on the manifest) but looking at this it seems that Google Play services need this in order to sign in.
I have included what I believe to be the offending lines of code from the manifest below.
Also, the mail from Google said I should find more information in 'alerts' in the developer console but there are no messages there.
I am not especially technical so any help greatly appreciated.
<service
android:name="com.google.android.gms.auth.api.signin.RevocationBoundService"
android:exported="true"
android:permission="com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION" />
Related
Please direct me the right way. I'm stuck with some documentation issue. Going to code a small service with Google HOME for everyone to add a new phrase and make a POST request or answer with specific "TEXT" (like IFTTT run with WEBHOOKS) (fe: "Hey Google switch my kitchen light" -> service will send POST request to my own HTTP server). I know that IFTTT works but - I would to code the target service for tiny cases with fast response.
I tried to understand all Google Assistant layers - but still no luck and didn't find the clear path.
What I learned are:
1. connect to Google Account using OAuth 2
2. .... save the phrase and action for that in my DB - it's ok and simple way
3. ...??? how to send and to where? in (json?) a specific format
4. receive the answer from google home to understand the right case and make my action.... (for example: turn on\off the kitchen light)
It should be not so hard as I can image.... anyway Please help :).
Appreciate your time and answers and have a nice day!
To learn about extending the Google Assistant, you should look into the documentation for Actions on Google: https://developers.google.com/actions/extending-the-assistant
Although it also seems like you want to use it for Smart Home: https://developers.google.com/actions/smarthome/
You can run the Smart Home sample if you want to see how it works: https://github.com/actions-on-google/actionssdk-smart-home-nodejs
I'm having some trouble with the GCP console, hopefully someone can point me in the right direction.
A couple of days ago I generated some API Keys and was able to restrict their validity scope by target API. The form looked like this, and I was able to restrict keys to apply on my GAE private APIs only:
whereas today the righthand side tab has disappeared on me and I can only apply "Application restrictions" (IP range, referrer, etc..) and I can see merely the following menu.
I was and still am the owner of the project, and I'm not aware of any change in roles/project config/etc.. (although I can't 100% rule them out)
There is next to zero documentation about the mysterious "API restrictions" tab. Hope someone can help.
Many thanks in advance
F
This feature has been removed temporarly because was causing issues with the Google Maps API.
API already created making use of these restriction will not work and the workaround is to remove them and recreate them with no restriction.
https://issuetracker.google.com/issues/69715011
Please star the bug to add your vote and subscribe to notifications from Google. Hopefully they will fix the issue soon.
I'm using DotNetKit 1.2.6.5 and SagePayIntegration.Validation() is rejecting a customer email that uses the new .online domain (eg: foo#bar.online) with
CustomerEMail is invalid.
Is this fixed in 1.2.6.7 or is the source code for SagePay.IntegrationKit.DotNet.dll available somewhere so I can fix it?
Despite access to the source code (many thanks to #DavidG) SagePay Support have confirmed that the actual Gateway does not support all these new domains - so even if I modified the DotNetKit it would still be rejected by the Gateway.
SagePay support were very helpful but ultimately the
"... email domain foo#bar.online is not yet supported on our gateway.
We run development sprints continuously and although there are some
domains we may not yet support, we look to in future, dependent on
impact and demand..."
The SagePay Integration Kit uses this regex to validate email addresses:
[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+(?:\.[a-zA-Z0-9!#$%&'*+/=?^_`{|}~-]+)*#(?:[a-zA-Z0-9](?:[a-zA-Z0-9-]*[a-zA-Z0-9])?\.)+(?:[a-zA-Z]{2,4})\b
Which does unfortunately not allow extra long TLDs. Fortunately I have the source code for the kit and I've added it to my GitHub account (along with a bug fix which is why I had to get it in the first place as SagePay are not updating it). You can find it here:
https://github.com/WiredUK/SagePay.IntegrationKit
And the Regex you need to edit is this file:
https://github.com/WiredUK/SagePay.IntegrationKit/blob/801f61cf965c391a98a025aa632949719084cef0/ApiRegex.cs
For info, you need to edit the very last part of the expression from 2,4 (which matches 2 to 4 characters in the TLD) to allow more, for example 2,30.
Edit: And just because I can, I opened an issue and fixed it.
I am building an application that simulates user input (command+c and command+v). Before sandboxing it, everything worked fine, but now I am getting these errors from the console:
Firstly, when I fire it up:
5/27/13 1:35:11.980 AM appleeventsd[54]: A sandboxed application with pid 5343, "CopyBoard" checked in with appleeventsd, but its code signature could not be validated ( either because it was corrupt, or could not be read by appleeventsd ) and so it cannot receive AppleEvents targeted by name, bundle id, or signature. Error=ERROR: #100013 { "NSDescription"="SecCodeCopyGuestWithAttributes() returned 100013, -." } (handleMessage()/appleEventsD.cp #1755) com.apple.coreservices.appleevents.peer.0x7fa9b0411260.xpcq
Then, when I try to simulate command+c, I get:
5/27/13 1:52:22.980 AM WindowServer[85]: post_filtered_event_tap_data: Sender is prohibited from synthesizing events
5/27/13 1:52:23.000 AM kernel[0]: Sandbox: sandboxd(6515) deny mach-lookup com.apple.coresymbolicationd
5/27/13 1:52:24.252 AM sandboxd[6515]: ([5343]) CopyBoard(5343) deny hid-control
I'm looking for a solution that would allow me to copy and paste globally in a sandboxed environment. Is it possible that the Accessibility API is a good answer? Has my problem got anything to do with how I'm simulating user input? I'm very confused, thank you very much for helping.
The sandbox is designed to prevent exactly what you seem to be trying - allowing an application to simulate a user is defined as a security issue. If you have a narrow requirement which can be done safely you can submit it to Apple thorough bug reporter as an needed improvement to the sandbox.
The Accessibility API is not supported in general for this reason - no playing with other apps! This did not go down so well with all the developers which used it...
You can use AppleEvents in limited constrained circumstances and with the appropriate entitlements.
You'll probably need to go to developer.apple.com and read all the documents/view videos/etc you can find to see if what you wish is going to be possible.
The only point of hope I can offer you is that the sandbox is a moving target, so you may find you can do more than the above suggests. Go read. Good luck.
The Wp7 marketplace result pdf shows in summary "Exception(s) Applied: None". What does this mean. Should I write code to handle unhandled exceptions Or what I am doing is right.
The App is not rejected due to this, but I want to know what this means.
Thanks,
Kanaya
It means that you have not applied for any technical exceptions. These are a request for your application to not be tested against certain market place policy criteria. You can see some details about this on the Certification section of the FAQ (Under sections 3 and 4) as well as how to apply for exceptions.