1

recently some one told me that he retrieves all the url requests from my android application and he sent them to me . I'm using proguard in my application but he told me there are some ways that he can monitor the url requests .

I'm using URLConnection in my application .

how can I hide the url requests and somehow encrypt the urls so no one can read and access my url requestes ?

Navid Abutorab
  • 1,667
  • 7
  • 31
  • 58
  • You can change string url using different rules of string orations like split , replacing etc to make it complicated and proguard will make it more difficult to get it – Sagar gujarati Sep 25 '19 at 05:44
  • checkout this link: https://stackoverflow.com/questions/47174192/how-to-secure-webservice-url – YuvrajsinhJadeja Sep 25 '19 at 05:46
  • make sure minifyenabled is true in your gradle!! – Mr. Patel Sep 25 '19 at 05:54
  • you can also add a header to your request....and in your server you can just reject the request which do not have the authorization key in their header...they can see your url but they cannot access it – unownsp Sep 25 '19 at 06:02
  • Try with HTTPS and add SSL(TSL) pinning to the network call. @navid abutorab – Shivam Sep 25 '19 at 11:09
  • How about [this](https://stackoverflow.com/a/47942035/12061245)? I think that answer can help you. Don't forget HTTPS! – Thaw De Zin Jan 20 '20 at 04:27

3 Answers3

2

You can't. It's quite easy to use a proxy to catch all network traffic and check what you are using. If the problem is related with the content, then you can switch from http to https, but the host will be always visible. Actually as user I would be really scared about an app that want to hide such information however.

greywolf82
  • 21,813
  • 18
  • 54
  • 108
0

USE https instead of http, it is secured.

Bhoomin Naik
  • 402
  • 4
  • 7
0

Try with HTTPS and add SSL(TSL) pinning to the network call.

Shivam
  • 109
  • 2
  • 11