-1

I am trying to access my mysql database through PHP. I have the URL and things are working fine but my question is: which is the best way to store the URL in the project? I thought Strings.xml is safe to store all kinds of URL but then realized strings.xml can be decompiled to get the URl easily.

What / where is the best way to store the URL in my android?

Thanks!

TheDevMan
  • 5,914
  • 12
  • 74
  • 144

3 Answers3

2

Everything is useless, URL can be easily seen with proxy even if you use proguard or string encryption or HTTPS. You can't hide it. You only can add authentication to protect data.

Sergey Glotov
  • 20,200
  • 11
  • 84
  • 98
1

I don't see much advantage in hiding/obfuscating URLs as urls could easily be seen through network tools. but

So, If you want that some one can not easily decompile and see any string you are saving, you can obfuscate the code. Some options include

  1. Use dexguard https://www.guardsquare.com/dexguard. It is made by the same developer (Eric) who also developed proguard.

OR

  1. Obfuscate yourself cleverly. Something like Simple hiding/obfuscation of strings in APK?
Community
  • 1
  • 1
Gaurav Vashisth
  • 7,547
  • 8
  • 35
  • 56
0

1.Store them as String constants public static final in a separate class if they are not going to change.

  1. Store them in android:tag

Tags

Unlike IDs, tags are not used to identify views. Tags are essentially an extra piece of information that can be associated with a view. They are most often used as a convenience to store data related to views in the views themselves rather than by putting them in a separate structure.

android:tag="www.xyz.com"

and get using view.getTag()

Note: The above are the few ways of storing URLs in android but from security perspective as I commented below you should look to secure your APIs on server side instead of worrying about hiding on client side as everything can be decompiled.

Amey Shirke
  • 599
  • 1
  • 5
  • 16