[Android] Get the phone model after the program runs #1724
Comments
|
Hi - not sure whether you meant to close this? if so can I check why? I don't believe we expose the phone model via the ActionScript APIs there, but there are some bits of information about the hardware that are retrieved in order to make decisions about what's supported (this is more to do with the chipset generally rather than the actual phone model) thanks |
|
QQ农场(同意前手机型号).log |
|
I try to upgrade the air sdk version can it be solved. thanks |
|
Ah - so I've just looked at the implementation of that function: So the model information found here is not made available to any client code but is just used to provide the correct dots-per-inch value. Then in terms of the other entry in that log:
So actually, this build model information is being exposed to anyone who's configured their phone to connect to Scout. Is there a requirement for AIR to not retrieve this information? The usages in this way should not impact any privacy or cause concerns, but if there's a need for some applications to be set up so that they don't access this field, we can probably do something here to block them based on some configuration setting..? thanks |
|
For some reason can't upgrade air sdk now and build,So according to what you said, after I upgrade the air sdk, I will still get the phone model when the program is running, right? thanks |
|
Yes correct, even if you update the AIR SDK you'll still get this issue. We can add something in to stop this happening, which should then be in our next SDK release within 7-10 days... |
|
Just to confirm here though: we would be looking at a configuration setting that you could use, which would mean that your app does not request the model information from the device. So if there is something that monitors the API calls, it won't be hit so would be considered as fine for privacy reasons. However, the code would still be present in the runtime that would have the capability of finding this out, so if there are tools that are scanning the AIR binary to check whether anything could call Build.MODEL, then these would still be found. Will it be acceptable for us just to block any of the calls to Build.MODEL? or are there static analysis tools going on too? thanks |
|
Make sure Build.MODEL is not called. |
|
Okay so to ensure it's not called: as long as you're not connected to Scout, the only place where it should have requested the Build.MODEL is in setting up the capabilities: the below runtime classes just hack that out (so DPI will be wrong on some Samsung phones). If you put this into the SDK under lib/android/lib (back up the original one first perhaps!) then this should work... We'll get a more elegant solution into the SDK soon :-) thanks |
|
Thank you very much for helping to solve the problem, but now there is a new problem that needs your help. |
Hi...
The Android program we built was found in China's testing department, and the phone model was obtained after the program was run.It is not allowed until the user agrees to the relevant agreement.
The text was updated successfully, but these errors were encountered: