Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The
external-pathelement exposes the entireDownload/directory and all its subdirectories to other apps through FileProvider. This creates a broad security surface since any file placed inDownload/can now be shared via content URIs. Consider usingexternal-files-pathwithgetExternalFilesDir(Environment.DIRECTORY_DOWNLOADS)instead, which provides app-specific external storage that doesn't require broad access permissions and is automatically cleaned up when the app is uninstalled.There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This app intentionally uses
<external-path path="Download/" />because the exported files (custom RPC configs) are meant to be directly accessible by the user in the publicDownload/Kizzy/directory.The main goal of this feature is to let users easily locate, edit, or share their exported configuration without needing developer tools or special file access.
Using
<external-files-path>would place the file inside/Android/data/<package>/files/Download/, which is not visible to most file managers on Android 11+ due to scoped storage restrictions.That would make the “Export Config” feature confusing and effectively unusable for end users.
The chosen implementation limits access to the
Download/directory only (and its subdirectories), which is acceptable for user-generated exports and does not expose sensitive app data.In short, this is a deliberate design choice prioritizing user accessibility over isolation, within a controlled and predictable export path.