[英]How to securely load an image from camera and display it in full size on Android?
為了安全起見,建議我避免使用 getExternalFilesDir(Environment.DIRECTORY_PICTURES) 來存儲文件並使用 File.createTempFile 創建不安全的臨時文件。
我們如何以安全的方式重寫它?
clTakeBottomSheetCamera.setOnClickListener(v -> {
Intent intent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
if (intent.resolveActivity(getPackageManager()) != null) {
try {
profilePhotoFile = createPhotoFile(tag); // FIXME <--
Uri photoURI = FileProvider.getUriForFile(context, "com.test.test" + ".provider", profilePhotoFile);
intent.putExtra(MediaStore.EXTRA_OUTPUT, photoURI);
startActivityForResult(intent, REQUEST_CODE_CAPTURE_PASSPORT_IMAGE);
} catch (IOException e) {
e.printStackTrace();
}
}
});
private File createPhotoFile(String tag) throws IOException {
String timeStamp = new SimpleDateFormat("yyyyMMdd_HHmmss", Locale.getDefault()).format(new Date());
String imageFileName = custPhoneNumber + "_" + timeStamp + "_";
File storageDir = getExternalFilesDir(Environment.DIRECTORY_PICTURES); // FIXME: Insecure data storage
File imgFile = File.createTempFile(imageFileName, ".jpg", storageDir); // FIXME: Insecure temporary file creation
profilePhotoPath = imgFile.getAbsolutePath();
return imgFile;
}
@Override
protected void onActivityResult(int requestCode, int resultCode, Intent data) {
if (requestCode == REQUEST_CODE_CAPTURE_PASSPORT_IMAGE && resultCode == RESULT_OK) {
// Display the captured image in an ImageView with Glide
Glide.with(activity).load(profilePhotoPath).into(ivCustomerPhotoActivation);
}
}
File storageDir = getExternalFilesDir(Environment.DIRECTORY_PICTURES); // FIXME: Insecure data storage
而不是getExternalFilesDir()
,使用getFilesDir()
或getCacheDir()
,並調整您的FileProvider
元數據以匹配。
File imgFile = File.createTempFile(imageFileName, ".jpg", storageDir); // FIXME: Insecure temporary file creation
如果您解決了較早的問題,則不應再將其視為不安全的。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.