fix(android): Isolate provider access to a subdirectory #901
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
5 tasks
erisu
approved these changes
Oct 25, 2024
KarinBerg
added a commit
to MobisysGmbH/mobisys-cordova-plugin-camera
that referenced
this pull request
Feb 4, 2025
* chore: bump plugin version 7.0.0-dev (apache#845) * dep(dev)!: bump @cordova/[email protected] (apache#846) * dep(dev)!: bump @cordova/[email protected] * chore: apply automatic lint fix * feat(android)!: Android 13 support (apache#844) * feat(android)!: Android 13 support * refactor(android): simplify getPermissions logic * feat(android)!: bump cordova-android requirement to >=12.0.0 * feat(android): update saveAlbumPermission to include Android 9 and below use case --------- Co-authored-by: ochakov <[email protected]> * chore: Update SUPPORT_QUESTION.md template (apache#849) * fix!: remove deprecated platforms (apache#848) * chore: remove windows/osx from plugin.xml (apache#850) * ci(gh-action): sync with paramedic configs (apache#851) * release(camera-v7.0.0): updated version and RELEASENOTES.md * chore: bump version 7.0.1-dev * ci(android): Update Android CI to be compatible with cordova-android@13 (apache#890) * chore: Added npmrc * ci: sync workflow with paramedic (apache#895) * chore: Update eslint config to 5.1.0 (apache#898) * chore: Update package to 8.0.0-dev (apache#899) * Remove media permissions to make complaint with Android 14 requirements (apache#889) Co-authored-by: Ravi Yakasiri <[email protected]> * fix(android): Isolate provider access to a subdirectory (apache#901) * fix(android): Use VERSION_CODES instead of hard-coded API literals (apache#904) * fix(android): improper cache path construction during image manipulation (apache#905) * fix(android): Improper serialization of image uri in save instance state (apache#903) * fix(android): Return data uris as an URI (apache#910) * fix: return content uris when possible when selecting from gallery (apache#902) * fix(browser): Make data uri be returned as actual URI strings (apache#912) * fix(ios): Sync camera API return to match Android changes (apache#911) * refactor(android): replace image path usage with image uris (apache#906) * refactor(android): clean up image file path usages * removed references of image paths in log messages * refactor(android): remove query img usage (apache#907) * refactor: remove unnecessary duplicate image checks and queryImgDb usage * remove unused imageType parameter, because it's a private API anyway * docs: Revisions for v8 public API changes with the return string formats of getPicture (apache#913) * refactor(android): Make WRITE_EXTERNAL_STORAGE optional (apache#909) * refactor(android): Rework permission management to make WRITE_EXTERNAL_STORAGE optional * removed unused getPermissions API * Proper error if WRITE_EXTERNAL_STORAGE is required but missing the declaration * removed obsolete hasPermissions API * fix: Remove WRITE_EXTERNAL_PERMISSION (apache#915) * deprecation: allowEdit (apache#914) * deprecation: allowEdit * applied suggestions to verbiage * chore: version 8.0.0 * chore: 8.0.1-dev * chore: remove trailing whitespace (apache#921) * Change "allowedPublishingBranches" from "refs/heads/master" to "refs/heads/release" * ci: Publish only the file "mobisys-internal-cordova-plugin-camera-*.tgz" to AzureDevOps * ci: Use "release/v8" of "devops-templates" * Add new section "Branches" to the README.md --------- Co-authored-by: エリス <[email protected]> Co-authored-by: ochakov <[email protected]> Co-authored-by: jcesarmobile <[email protected]> Co-authored-by: Erisu <[email protected]> Co-authored-by: Norman Breau <[email protected]> Co-authored-by: ravi-yk <[email protected]> Co-authored-by: Ravi Yakasiri <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Platforms affected
Android
Motivation and Context
The file provider is what grants app delegates (such as the camera app) access for reading and/or writing. It is what allows the camera intent to write it's image to the app's internal cache directory. The previous configuration allowed access to the entire cache directory which could be perceived as a security risk.
Using a sub-directory will at least isolate access to that specific directory and won't expose other cache files that the app may have stored. The chosen directory is something that should only be used by this plugin, and the directory will be mostly empty assuming that users call the
cleanupAPI. Worst case scenario it may have images that was previously captured by the user.Description
Update to provider to path to use a subdirectory, and updated the create code to use subdirectory.
Testing
Tested on using android simulator using
getPictureAPI.Paramedic tests also passes.
Checklist
(platform)if this change only applies to one platform (e.g.(android))