v1.6: fix HIGH security vuln — remove plaintext cookie backup

Browse Source

- Remove KEY_COOKIES_BACKUP plaintext fallback from PreferencesManager
- getCookies() now fails closed (force re-login) if EncryptedSharedPreferences unavailable
- Set android:allowBackup="false" to prevent adb backup extraction of session data
- Add missing gradle-wrapper.jar to repo

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

...

This commit is contained in:

Amir Khodak

2026-05-22 18:28:26 +00:00

parent b3b69dd2b2

commit 8d1cf21966

7 changed files with 183 additions and 25 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

gradle/wrapper/gradle-wrapper.jar

Vendored

BIN

Binary file not shown.