Skip to content
This repository has been archived by the owner on May 15, 2024. It is now read-only.

Fix MediaPicker capture methods in Android 13+ #2073

Merged
merged 5 commits into from
Jan 26, 2023
Merged

Fix MediaPicker capture methods in Android 13+ #2073

merged 5 commits into from
Jan 26, 2023

Conversation

mattleibow
Copy link
Contributor

Thanks to @Ghostbird in dotnet/maui#12766

Description of Change

Fix the MediaPicker that is requesting permissions that are not correct for Android 33.

Bugs Fixed

Provide links to issues here. Ensure that a GitHub issue was created for your feature or bug fix before sending PR.

API Changes

None.

Behavioral Changes

Skips the check for StorageWrite because that permission is not needed and probably not needed in many versions...

PR Checklist

  • Has tests (if omitted, state reason in description)
  • Has samples (if omitted, state reason in description)
  • Rebased on top of main at time of PR
  • Changes adhere to coding standard
  • Updated documentation (see walkthrough)

@mattleibow
Copy link
Contributor Author

/azp run

@azure-pipelines
Copy link

Azure Pipelines successfully started running 1 pipeline(s).

mattleibow
mattleibow commented Jan 24, 2023
View reviewed changes
Xamarin.Essentials/SecureStorage/SecureStorage.android.cs
Comment on lines -131 to +135
// While MD5 is deemed to be not secure anymore, it is not used in a security context here.
// Here we hash a key value to ensure compatibility with the underlying platform's preferences storage (so the key was a determinate length and didn't exceed platform limits).
// As part as Microsofts ongoing efforts to secure the .NET ecosystem, this usage of an insecure hashing mechanism was flagged.
// An exception has been requested for the usage of this "unsafe" hashing mechanism.
// More details here (internal link): https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1676270
// While MD5 is deemed to be not secure anymore, it is not used in a security context here.
// Here we hash a key value to ensure compatibility with the underlying platform's preferences storage (so the key was a determinate length and didn't exceed platform limits).
// As part as Microsofts ongoing efforts to secure the .NET ecosystem, this usage of an insecure hashing mechanism was flagged.
// An exception has been requested for the usage of this "unsafe" hashing mechanism.
// More details here (internal link): https://devdiv.visualstudio.com/DevDiv/_workitems/edit/1676270
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

CI is failing with:

error SA1027: Tabs and spaces should be used correctly

@jfversluis jfversluis merged commit 3bad14f into main Jan 26, 2023
@jfversluis jfversluis deleted the dev/fix-mediapicker branch January 26, 2023 08:50
@jfversluis jfversluis added this to the 1.7.5 milestone Jan 26, 2023
@samir05051994 samir05051994 mentioned this pull request Jan 26, 2023
Closed
@JaixTim
Copy link

JaixTim commented Jan 26, 2023

Is there an ETA on 1.7.5 milestone with this fix?

@JaixTim
Copy link

JaixTim commented Feb 13, 2023

Does anyone realise the latest release that this PR went into is not on nuget due to a build failure? Is there anyone able to fix that?

@jfversluis
Copy link
Member

Sorry it took a little while @JaixTim! I have just released it now

@jfversluis jfversluis mentioned this pull request Feb 14, 2023
Open
@suhas100
Copy link

suhas100 commented Feb 14, 2023
edited
Loading

@jfversluis are you working on a solution for this?

@jfversluis
Copy link
Member

@suhas100 this is fixed and released as part of Essentials 1.7.5

@ToolmakerSteve
Copy link

@jfversluis - this SO thread says they are using Xamarin.Essentials(1.7.5), but still getting "Denied" when they do MediaPicker.PickPhotoAsync.

@Ghostbird
Copy link

Ghostbird commented May 19, 2023
edited
Loading

@ToolmakerSteve Note that the SO talks about the read permission when using PickPhotoAsync. The error that was fixed in MAUI and merged in this PR, is that it incorrectly requested write permissions when using CapturePhotoAsync. This seems a completely different bug. What they share is that they are both ultimately caused by permission changes in the Android API.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@Ghostbird Ghostbird Ghostbird left review comments

@jfversluis jfversluis jfversluis approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.7.5
6 participants
@mattleibow @JaixTim @jfversluis @suhas100 @ToolmakerSteve @Ghostbird