Exit URL Launching
  • 11 Nov 2024
  • 4 Minutes to read
  • Dark
    Light

Exit URL Launching

  • Dark
    Light

Article summary

AndroidiOS

Android

If App Shielding shuts down the application due to a configured policy, a web browser can be launched with a preconfigured URL to explain the problem to the user. If no URL is configured, the web browser is not invoked.

This exit URL can use variable placeholders that are substituted by App Shielding to provide information inside the URL itself.  

Some features of exit URL launching have been deprecated and removed:

  • Exit URL on emulator detection

  • Exit URL on repackaging detection

The following variable substitutions are available:

Android variable substitutions of the URL

Placeholder

Callback

Substitution

%REASON%

All

The reason of the shutdown as a decimal code. (See also App Shielding Error Reporting.)

%MANUFACTURER%

All

The device manufacturer.

%MODEL%

All

The device model name.

%ANDROID%

All

The Android API level of the device.

%VERSION%

All

The App Shielding version.

%ROOT%

exitOnRooting

A 4-byte hex value that gives more information about the rooting detected by App Shielding. The first two bytes are the boolean rooting detection value and the heuristics detection value. These values are somewhat obfuscated to make it harder for attackers to use them when trying to circumvent App Shielding. To recover the boolean detection value, subtract 0x3F from the first byte (note that you have to work on 8-bit unsigned integers). To recover the heuristics value, xor the second byte with the first byte and then subtract 0xEA (again, using 8-bit unsigned integers). The last two bytes provide more information about how the rooting was detected. Please supply this value to OneSpan to help diagnosing a problem.

%KEYBOARD%

exitOnUntrustedKeyboard

The package name of the untrusted keyboard.

%KEYBOARDNAME%

exitOnUntrustedKeyboard

The name of the untrusted keyboard.

%KEYBOARDVERSION%

exitOnUntrustedKeyboard

The version of the untrusted keyboard.

%KEYBOARDSIGNER%

exitOnUntrustedKeyboard

The subject of the signing certificate used to sign the untrusted keyboard.

%SCREENREADER%

exitOnUntrustedScreenreaders

The package name of the untrusted screen reader.

%SCREENREADERNAME%

exitOnUntrustedScreenreaders

The name of the untrusted screen reader.

%SCREENREADERVERSION%

exitOnUntrustedScreenreaders

The version of the untrusted screen reader.

%SCREENREADERSIGNER%

exitOnUntrustedScreenreaders

The subject of the signing certificate used to sign the untrusted screen reader.

%VIRTUALSPACEAPP%

exitOnAppInVirtualSpaceURL

The package name of the untrusted virtual space app.

%VIRTUALSPACEAPPNAME%

exitOnAppInVirtualSpaceURL

The name of the untrusted virtual space app.

%VIRTUALSPACEAPPVERSION%

exitOnAppInVirtualSpaceURL

The version of the untrusted virtual space app.

%HOOKINGFRAMEWORKS%

exitOnHookingFrameworks

A 1-byte hex value that provides information about how the hooking framework was detected. Please supply this value to OneSpan to help diagnosing a problem.

Limitations

Exit URLs are primarily designed to provide useful feedback to the end user on why the application stopped working. They are not a reliable reporting mechanism for the app owner.

An exit URL is loaded in the device's main browser and could end up as a lingering browser tab/window until the user closes it. This can cause the browser to trigger additional page loads of the configured URL when the user activates the browser at a later point, flips through the various tabs/windows, or uses the back button to revisit the page. This behavior can lead to misleading statistics, if you track page views on your server.

Furthermore, App Shielding cannot guarantee that the URL is ever loaded, or that it is loaded only once. In the event that an attacker is probing the defenses of the app—for example, attempting to attach a debugger to the application—this would cause App Shielding to shut down the application and open the configured exitOnDebuggerURL. This is opened in the main browser. The attacker can easily prevent this, for example by putting the device in flight mode. This prevents your customer from depending on this data, and should have no presumptions that any such "hacking attempts" will always be reported to and seen on their server.

iOS

If App Shielding shuts down the application due to a configured policy, a web browser can be launched with a preconfigured URL to explain the problem to the user. If no URL is configured, the web browser is not invoked.

This exit URL can use variable placeholders that are substituted by App Shielding to provide information inside the URL itself.  

Some features of exit URL launching have been deprecated and removed:

  • Exit URL on emulator detection

  • Exit URL on repackaging detection

The following variable substitutions are provided.

iOS variable substitutions of the URL

Placeholder

Callback

Substitution

%REASON%

All

The reason of the shutdown as a decimal code. (See also List of shutdown reasons.)

%MANUFACTURER%

All

The device manufacturer.

%MODEL%

All

The device model name.

%OSVER%

All

The version of the device's operating system.

%IOS%

All

The iOS version of the device.

Use the %OSVER% placeholder instead, as this placeholder will be deprecated in the future.

%VERSION%

All

The App Shielding version.

%JAILBREAK%

exitOnJailbreak

A 1-byte hex value providing more detailed information about the jailbreak detected by App Shielding. Please supply this value to technical support to diagnose any problems with jailbreak detection.

The following %REASON% shutdown codes are possible:

List of shutdown reasons

Code

Description

00

Policy violation: Device is jailbroken.

01

Policy violation: Application is being debugged.

03

Policy violation: A screenshot of the application was taken.

04

Policy violation: An injected library was found in the process.

05

Policy violation: A hooking framework was found in the process.

06

Policy violation: A screen recording of the application was started.

07

Policy violation: iOS app running on macOS.

08

Policy violation: Running on emulator.

09

Policy violation: Running with Developer Mode enabled.

An example configuration could look like the following:

<exitOnJailbreakURL
v="https://www.example.com?reason=%REASON%&amp;manufacturer=%MANUFACTURER%&amp;model=%MODEL%&amp;osver=%OSVER%&amp;version=%VERSION%&amp;jailbreak=%JAILBREAK%"/>

Limitations

Exit URLs are primarily designed to provide useful feedback to the end user on why the application stopped working. They are not a reliable reporting mechanism for the app owner.

An exit URL is loaded in the device's main browser and could end up as a lingering browser tab/window until the user closes it. This can cause the browser to trigger additional page loads of the configured URL when the user activates the browser at a later point, flips through the various tabs/windows, or uses the back button to revisit the page. This behavior can lead to misleading statistics, if you track page views on your server.

Furthermore, App Shielding cannot guarantee that the URL is ever loaded. For example, the user’s device could be in flight mode and would not have a connection to load the URL in the browser. Thus, you should not rely on this feature as a way to collect data on security issues.


Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, our interactive help assistant