amir/claude-usage-widget
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 9 Wiki Activity

v1.6: fix HIGH security vuln — remove plaintext cookie backup

Browse Source 
- Remove KEY_COOKIES_BACKUP plaintext fallback from PreferencesManager
- getCookies() now fails closed (force re-login) if EncryptedSharedPreferences unavailable
- Set android:allowBackup="false" to prevent adb backup extraction of session data
- Add missing gradle-wrapper.jar to repo

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Amir Khodak
2026-05-22 18:28:26 +00:00
parent b3b69dd2b2
commit 8d1cf21966
7 changed files with 183 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files
gradle/wrapper/gradle-wrapper.jar
Vendored
BIN
View File
Binary file not shown.
gradle/wrapper/gradle-wrapper.properties
Vendored
+2 -4
View File
@@ -1,7 +1,5 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
distributionUrl=https\://services.gradle.org/distributions/gradle-8.6-bin.zip
networkTimeout=10000
validateDistributionUrl=true
zipStoreBase=GRADLE_USER_HOME
zipStorePath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME