用户收到未列入清单的权限请求 [英] User gets permissions request that are not included in the manifest
问题描述
我刚刚发布了一个应用程序,有两个权限在其清单文件(显示横幅广告)。 android.permission.INTERNET对和android.permission.ACCESS_NETWORK_STATE。为了测试我试图从游戏市场安装我的应用程序,并发现应用程序所需的身份,位置,照片/媒体/文件!有一个在我的清单文件中没有这样的权限,我不需要他们。想我的其他应用程序类似的manifest.xml(互联网,网络状态),他们正在安装无需任何特殊权限。 考虑到新的内容分级证书制度,我可能有问题,因为在问卷标志着我不需要用户的位置。 为什么需要我没问权限? 我使用的是Android的工作室和build.gradle:
安卓{
compileSdkVersion 22
buildToolsVersion22.0.1
defaultConfig {
的applicationIDcom.appName
的minSdkVersion 15
targetSdkVersion 22
版本code 1
VERSIONNAME1.0
}
buildTypes {
推出 {
minifyEnabled真
proguardFiles getDefaultProguardFile('ProGuard的-android.txt'),'proguard-rules.pro
}
}
}
库{
行家{
URLhttps://jitpack.io
}
}
依赖{
编译文件树(导演:库,包括:['的* .jar'])
编译com.github.PhilJay:MPAndroidChart:V2.1.0
编译com.melnykov:floatingactionbutton:1.3.0
编译com.mcxiaoke.volley:图书馆:1.0 +。
编译com.nispok:小吃店:2.10.2
编译com.android.support:cardview-v7:22.2.0
编译com.android.support:recyclerview-v7:22.2.0
编译uk.co.chrisjenx:书法:2.1.0
编译com.google.android.gms:播放服务:7.5.0
编译com.android.support:appcompat-v7:22.2.0
编译com.github.markushi:Android的用户界面:1.2
编译com.afollestad:材料对话框:0.7.3.1
}
的Manifest.xml
< XML版本=1.0编码=UTF-8&GT?;
<舱单的xmlns:机器人=http://schemas.android.com/apk/res/android
的xmlns:工具=http://schemas.android.com/tools
包=com.AppPackage>
<使用-权限的Android:名称=android.permission.INTERNET对/>
<使用-权限的Android:名称=android.permission.ACCESS_NETWORK_STATE/>
<应用
机器人:MyApplication的NAME =
机器人:allowBackup =真
机器人:图标=@纹理映射/ ic_launcher
机器人:标签=@字符串/ APP_NAME
机器人:主题=@风格/ AppTheme
>
<活动
机器人:名称=。MainActivity
机器人:标签=@字符串/ APP_NAME>
<意向滤光器>
<作用机器人:名称=android.intent.action.MAIN/>
<类机器人:名称=android.intent.category.LAUNCHER/>
&所述; /意图滤光器>
< /活性GT;
<活动
机器人:名称=com.google.android.gms.ads.AdActivity
android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize" />
&所述;元数据
机器人:名称=com.google.android.gms.version
机器人:值=@整数/ google_play_services_version/>
<活动机器人:prefs_ActivityNAME =>
< /活性GT;
<活动
机器人:名称=。Guide_Activity
机器人:标签=@字符串/ title_activity_>
< /活性GT;
<活动
机器人:名称=。Picker_Activity
机器人:标签=@字符串/ title_activity_>
< /活性GT;
< /用途>
< /舱单>
更新:
由于CommonsWare的答案,我发现明显的合并释放-REPORT.TXT,以及谁在使用这些权限。这些地图和钱包的API。 我从这个分开播放服务:
编译com.google.android.gms:玩-服务:7.5.0
这(我需要现在):
编译com.google.android.gms:玩 - 服务 - 分析:7.5.0
编译com.google.android.gms:玩-服务加:7.5.0
编译com.google.android.gms:播放服务,广告:7.5.0
编译com.google.android.gms:播放服务,appindexing:7.5.0
结果:
- 删除不必要的权限
- 在apk文件大小减少到500KB
- 开始认真对待API分离
为什么需要我没有问权限?
由于要装载在11个图书馆,以及一个或更多的人所要求的这些权限。特别是,要加载在 com.google.android.gms:玩-服务,这将需要大量的权限。例如,播放服务具有稠合位置的API和谷歌地图,这两者需要位置数据
一个清单合并报告应写入建立/输出/ APK / 您的项目或模块(的例如,在应用程序/ 在传统的Android Studio项目)。你可以用它来尝试确定的其他权限的来源。然后,停止使用这些库,或者切换到别的东西。在播放业务的情况下,而不加载的所有的的播放服务,负载只是你需要的作品。这是覆盖在的文档(参见选择性编译的API到你的可执行文件部分)。
I have Just released an app that has two permission in its manifest file (to show banner ads). "android.permission.INTERNET" and "android.permission.ACCESS_NETWORK_STATE". For testing I tried to install my app from the play market and discovered that the app required Identity, Location, Photo/Media/Files!! There is no such permissions in my manifest file, and I don't need them. Tried my other apps with similar manifest.xml (internet, network state) they are installing without any special permissions. Considering new content rating certificate system, i might have problems because in questionnaire i marked that don't need user location. Why it requires permissions that I didn't ask? I'm using android studio and build.gradle:
android {
compileSdkVersion 22
buildToolsVersion "22.0.1"
defaultConfig {
applicationId "com.appName"
minSdkVersion 15
targetSdkVersion 22
versionCode 1
versionName "1.0"
}
buildTypes {
release {
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
}
}
}
repositories {
maven {
url "https://jitpack.io"
}
}
dependencies {
compile fileTree(dir: 'libs', include: ['*.jar'])
compile 'com.github.PhilJay:MPAndroidChart:v2.1.0'
compile 'com.melnykov:floatingactionbutton:1.3.0'
compile 'com.mcxiaoke.volley:library:1.0.+'
compile 'com.nispok:snackbar:2.10.2'
compile 'com.android.support:cardview-v7:22.2.0'
compile 'com.android.support:recyclerview-v7:22.2.0'
compile 'uk.co.chrisjenx:calligraphy:2.1.0'
compile 'com.google.android.gms:play-services:7.5.0'
compile 'com.android.support:appcompat-v7:22.2.0'
compile 'com.github.markushi:android-ui:1.2'
compile 'com.afollestad:material-dialogs:0.7.3.1'
}
Manifest.xml
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="com.AppPackage" >
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<application
android:name=".MyApplication"
android:allowBackup="true"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme"
>
<activity
android:name=".MainActivity"
android:label="@string/app_name" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<activity
android:name="com.google.android.gms.ads.AdActivity"
android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize" />
<meta-data
android:name="com.google.android.gms.version"
android:value="@integer/google_play_services_version" />
<activity android:name=".Prefs_Activity" >
</activity>
<activity
android:name=".Guide_Activity"
android:label="@string/title_activity_" >
</activity>
<activity
android:name=".Picker_Activity"
android:label="@string/title_activity_" >
</activity>
</application>
</manifest>
Update:
Thanks to CommonsWare's answer I have found "manifest-merger-release-report.txt", and who uses these permissions. These are maps and wallet APIs. I have separated play service from this:
compile 'com.google.android.gms:play-services:7.5.0'
to this(all I need for now):
compile 'com.google.android.gms:play-services-analytics:7.5.0'
compile 'com.google.android.gms:play-services-plus:7.5.0'
compile 'com.google.android.gms:play-services-ads:7.5.0'
compile 'com.google.android.gms:play-services-appindexing:7.5.0'
Results:
- removed unnecessary permissions
- apk size reduced up to 500kb
- started to take seriously API separation
Why it requires permissions that I didn't ask?
Because you are loading in 11 libraries, and one or more of them are asking for these permissions. In particular, you are loading in com.google.android.gms:play-services, and it will require a lot of permissions. For example, Play Services has the fused location API and Google Maps, both of which need location data.
A manifest merger report should be written to build/outputs/apk/ of your project or module (e.g., in app/ in a traditional Android Studio project). You can use this to try to determine where the additional permissions are coming from. Then, stop using those libraries, or switch to something else. In the case of Play Services, rather than loading in all of Play Services, load in only the pieces that you need. That is covered in the documentation (see the "Selectively compiling APIs into your executable" section).
这篇关于用户收到未列入清单的权限请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
