Exit URL Launching on Android
- 28 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
Exit URL Launching on Android
- Updated on 28 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
If App Shielding shuts down the application due to a configured policy, a web browser can be launched with a preconfigured URL to explain the problem to the user. If no URL is configured, the web browser is not invoked.
This exit URL can use variable placeholders that are substituted by App Shielding to provide information inside the URL itself.
Some features of exit URL launching have been deprecated and removed:
Exit URL on emulator detection
Exit URL on repackaging detection
The following variable substitutions are available:
Android variable substitutions of the URL | ||
Placeholder | Callback | Substitution |
|---|---|---|
%REASON% | All | The reason of the shutdown as a decimal code. (See also App Shielding Error Reporting.) |
%MANUFACTURER% | All | The device manufacturer. |
%MODEL% | All | The device model name. |
%ANDROID% | All | The Android API level of the device. |
%VERSION% | All | The App Shielding version. |
%ROOT% | exitOnRooting | A 4-byte hex value that gives more information about the rooting detected by App Shielding. The first two bytes are the boolean rooting detection value and the heuristics detection value. These values are somewhat obfuscated to make it harder for attackers to use them when trying to circumvent App Shielding. To recover the boolean detection value, subtract 0x3F from the first byte (note that you have to work on 8-bit unsigned integers). To recover the heuristics value, xor the second byte with the first byte and then subtract 0xEA (again, using 8-bit unsigned integers). The last two bytes provide more information about how the rooting was detected. Please supply this value to OneSpan to help diagnosing a problem. |
%KEYBOARD% | exitOnUntrustedKeyboard | The package name of the untrusted keyboard. |
%KEYBOARDNAME% | exitOnUntrustedKeyboard | The name of the untrusted keyboard. |
%KEYBOARDVERSION% | exitOnUntrustedKeyboard | The version of the untrusted keyboard. |
%KEYBOARDSIGNER% | exitOnUntrustedKeyboard | The subject of the signing certificate used to sign the untrusted keyboard. |
%SCREENREADER% | exitOnUntrustedScreenreaders | The package name of the untrusted screen reader. |
%SCREENREADERNAME% | exitOnUntrustedScreenreaders | The name of the untrusted screen reader. |
%SCREENREADERVERSION% | exitOnUntrustedScreenreaders | The version of the untrusted screen reader. |
%SCREENREADERSIGNER% | exitOnUntrustedScreenreaders | The subject of the signing certificate used to sign the untrusted screen reader. |
%VIRTUALSPACEAPP% | exitOnAppInVirtualSpaceURL | The package name of the untrusted virtual space app. |
%VIRTUALSPACEAPPNAME% | exitOnAppInVirtualSpaceURL | The name of the untrusted virtual space app. |
%VIRTUALSPACEAPPVERSION% | exitOnAppInVirtualSpaceURL | The version of the untrusted virtual space app. |
%HOOKINGFRAMEWORKS% | exitOnHookingFrameworks | A 1-byte hex value that provides information about how the hooking framework was detected. Please supply this value to OneSpan to help diagnosing a problem. |
Limitations
Exit URLs are primarily designed to provide useful feedback to the end user on why the application stopped working. They are not a reliable reporting mechanism for the app owner.
An exit URL is loaded in the device's main browser and could end up as a lingering browser tab/window until the user closes it. This can cause the browser to trigger additional page loads of the configured URL when the user activates the browser at a later point, flips through the various tabs/windows, or uses the back button to revisit the page. This behavior can lead to misleading statistics, if you track page views on your server.
Furthermore, App Shielding cannot guarantee that the URL is ever loaded, or that it is loaded only once. In the event that an attacker is probing the defenses of the app—for example, attempting to attach a debugger to the application—this would cause App Shielding to shut down the application and open the configured exitOnDebuggerURL. This is opened in the main browser. The attacker can easily prevent this, for example by putting the device in flight mode. This prevents your customer from depending on this data, and should have no presumptions that any such "hacking attempts" will always be reported to and seen on their server.
Was this article helpful?