可以在逆向工程应用程序时看到构建类型资源吗? [英] can Build Types resources be visible while reverse engineering the app?

问题描述

我的应用程序中有两个构建变体，一个是发布版本，另一个是调试版本.

I have two build variant in my Application, one is release and other is debug.

在一个版本中，我设置了我的 https URL.在调试中，我设置了本地 URL 以进行测试.

In a release, I have set my https URL. In Debug, I have set my local URL for testing purpose.

如果我将发布变体上传到 PlayStore，是否有可能有人可以对其进行逆向工程并查看我的本地测试 URL?我不想公开我的测试 URL?

is it possible if I upload my release variant to PlayStore that somebody can reverse engineered it and see my Local testing URL? I dont want to expose my testing URL?

推荐答案

如果你只是用flag来切换运行环境，并且源代码中包含本地测试的URL，即使你混淆了，它也能在反汇编的smali文件中找到它

If you just use flag to switch running environment and sorce code contain the local testing URL, it'll able to find in the disassembled smali files even if you obfuscated it

您可以尝试使用 gradle 从资源中拆分构建常量，参考此处:在构建发布版本时更改常量值

You can try to split building const from resource using gradle, ref here: Change constant values when building a release edition

这篇关于可以在逆向工程应用程序时看到构建类型资源吗?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！