vivo Internet Technology
Nov 10, 2021 · Mobile Development
Android mReferrer Security Analysis: Source Tracing and Anti-Forgery Solutions
The article reveals that Android’s Activity mReferrer field, derived from Context.getBasePackageName(), can be forged by overriding getBasePackageName(), outlines its data flow from ActivityTaskManagerService to Activity.attach, and recommends using the immutable UID via Binder.getCallingUid() for reliable source verification.
Activity InternalsAndroid securityAnti-Forgery
0 likes · 10 min read