Manifest Best Practices: Activity: task affinity should not be set :: Recipe Details

Recipe Name:

Manifest Best Practices: Activity: task affinity should not be set

Description:

Task affinity should not be set for private activities

Level:

warning

Language:

Tags:

security
framework specific
mobile
Android

Documentation

The Android best practices and coding guidelines recommend that some properties should not be set to in the Android Manifest when dealing with private activities. Private activities are activities that do not have the android:export attribute set to true. The properties to avoid are: android:taskAffinity and android:launchMode.

Before

<application android:allowBackup="true" android:allowBackup="true" ... />

After

<application ... />

Recipe

id: scw:android:manifest:taskAffinity
version: 10
metadata:
  name: 'Manifest Best Practices: Activity: task affinity should not be set'
  shortDescription: Task affinity should not be set for private activities
  level: warning
  language: xml
  enabled: true
  descriptionFile: descriptions/Manifest_Best_Practices_Private_activities.html
  tags: security;framework specific;mobile;Android
search:
  attribute:
    allOf:
    - in:
        file:
          name: AndroidManifest.xml
    - in:
        element:
          tagName:
            is: activity
          without:
            attribute:
              name:
                is: android:export
              value: "true"
    name:
      is: android:taskAffinity
availableFixes:
- name: Remove the taskAffinity attribute
  actions:
  - remove:
      target: self