isValidFragment Android API 19
Try this... this is how we check validity of fragment.
protected boolean isValidFragment(String fragmentName) {
return StockPreferenceFragment.class.getName().equals(fragmentName);
}
when android's isValidFragment() from PreferenceActivity gets called?
Seems to be a bug or a 4.4 security restriction. Workaraound is to use anything below 19 that is still compatible with PreferenceActivity
, and bite the bullet for compiling with an older target.
I am using the headers "pattern" for the PreferenceActivity (overriding public void onBuildHeaders(List<Header> target)
), and I assume the OP is too, most likely being the place where stuff happens and crashes.
In my case, I have narrowed this exception to <uses-sdk android:targetSdkVersion="19" />
, and anything in [14-18] build targets will compile and run without issues.
Suggestion (for Eclipse): I never messed directly messed with such stuff, but I'm assuming if you compile your PreferenceActivity
(and maybe fragments) on a different project, targeting 18 or under (pun not intended :O ), and then using that project as a library for your main project targeting KitKat (19), perhaps you can avoid the crash scenario at run-time while still using the features you need from the latest build (as long as those features aren't in the build-18-bound PreferenceActivity
). If this does not succeed, try with that project in jar form (pre-compiled) instead of using project as library.
UPDATE: also take note of Camille Sévigny's answer. If the issue has anything to do with that other question (50% chance IMHO), all apps targeting API 18 are vulnerable to fragment injection attacks (see his linked question).
why would a fragment class may not be valid?
Why?
PreferenceActivity had its security compromised and isValidFragment(String name)
was provided as a response.
More specifically, from the vulnerability disclosure:
Any app which implements and exports an activity
that extends a PreferenceActivity class
can be subverted to load an arbitrary class by
exploiting the dynamic fragment loading process.
The security issue meant that a rogue application could instantiate your PreferenceFragments and they would get their extras from the actual parent, leaking data.
As a patch, isValidFragment(String name)
was created so you are forced to either provide a whitelist of "safe" fragments or if you return always true, acknowledge the risk of your application being compromised.
It is only needed starting KitKat because is when the patch was introduced.
How could a fragment class not be valid?
Having a name alien to your app.
What could go wrong?
Somebody could attack your app through the method described in this pdf linked by @Sree in the comments.
isValidFragment in PreferenceActivity Method does not override method of its superclass
Set your build target (e.g., Project > Properties > Android in Eclipse, compileSdkVersion
in build.gradle
) to API Level 19 or higher. My guess is that yours is set to something lower than that.
PerferenceActivity with PreferenceFragment fails on device with proguard okay without proguard
I would use -keep class your.package.goes.here.** { *; }
, to make sure ProGuard does not get rid of any of your own classes, including your fragments referenced by layouts or other resources instead of code.
Note that I am no ProGuard expert, and so this may be "swatting a fly with a Buick", but it works for me, including my PreferenceFragments
.
When i click on header, no preferences show up
check if u didn't get:
java.lang.RuntimeException:
Subclasses of PreferenceActivity must override isValidFragment(String) to verify that the Fragment class is valid!
XXX has not checked if fragment YYY is valid.
isValidFragment Android API 19
when android's isValidFragment() from PreferenceActivity gets called?
http://securityintelligence.com/new-vulnerability-android-framework-fragment-injection#.VRGSv1V_NBc
Related Topics
Service Intent Must Be Explicit: Intent
Using Onbackpressed() in Android Fragments
How to Replace a String for a Buildvariant with Gradle in Android Studio
Android Service Startservice() and Bindservice()
How to Remove White Underline in a Searchview Widget in Toolbar Android
Setting Action Bar Title and Subtitle
How to Repeat Notification Daily on Specific Time in Android Through Background Service
How to Overlap Items in Linearlayoutmanager - Recyclerview (Like Stacking Cards)
Supporting Amazon and Android Market (Google Play) Links Inside Application
Not Able to Debug App in Android Studio
Getting The Current Position of a Viewpager
Flutter Insecure Http Is Not Allowed by Platform
Android Viewpager Padding/Margin Between Page Fragments
How to Pause Android.Speech.Tts.Texttospeech
How to Add The Icon for Swipeable Tabs
Exception When Opening Parse Push Notification
Android - Open Target _Blank Links in Webview with External Browser
How to Get Pid of Android Application Without Using Adb Shell