https://stackoverflow.com/questions/19471969
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianThe URL can be obfuscated using things like encryption, base64 encoding and whatnot, but nothing you do to affect the client application can secure your URL. A savvy programmer will always be able to identify what messages your application is sending out; If you want security, secure the server, not the client
Obfuscate URLs in Android client application
Question
I wrote an android client app in which I am using static URLs to "post" to my server. I decompiled the APK using APKTool and found tht I could see the URL I mentioned in the .java code in the .smali file it generated. I want to avoid having this URL shown like this. Is there any way to hide /obfuscate the URL in the java code?
This is the sample from the decompiled .smali file.
invoke-direct {v8}, Lorg/apache/http/impl/client/DefaultHttpClient;-><init>()V
.line 194
.local v8, httpclient:Lorg/apache/http/impl/client/DefaultHttpClient;
new-instance v9, Lorg/apache/http/client/methods/HttpPost;
const-string v23, "http://example.com/getdata.php"
move-object/from16 v0, v23
invoke-direct {v9, v0}, Lorg/apache/http/client/methods/HttpPost;-><init>(Ljava/lang/String;)V
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
