class Analyzer::Mobile::Android

Overview

Parses AndroidManifest.xml to surface mobile app entry points:

One endpoint is emitted per deep-link URI; the handling component lives in metadata["via"], not a separate entry. A bare intent://component endpoint models the Android IPC surface: it is emitted for an exported component whose filter declares an action but no URI (and isn't the launcher), and for an exported component with no intent-filter at all — the latter is still reachable by an explicit intent naming the component (tagged explicit in metadata).

All endpoints keep method = "GET"; the mobile semantics live in protocol (mobile-scheme / universal-link / android-intent). @string/ values are resolved against res/values/strings.xml when present, and gradle manifest placeholders (${applicationId}, custom manifestPlaceholders) against the nearest build.gradle(.kts).

Defined in:

analyzer/analyzers/mobile/android.cr

Constant Summary

ANDROID_NS = "http://schemas.android.com/apk/res/android"
APPLICATION_ID_CONST_RE = /\bapplicationId(?![A-Za-z0-9_])\s*(?:=\s*)?([A-Z][A-Z0-9_]+)\b/

Unquoted value: a gradle constant reference, e.g. applicationId APP_ID (groovy) or applicationId = NEWPIPE_APPLICATION_ID_OLD (kts). The (?![A-Za-z0-9_]) after the key keeps applicationIdSuffix out, and the UPPER_SNAKE value requirement keeps prose in a // applicationId is ... comment from matching (gradle constants are upper-case by convention; a camelCase val is intentionally not followed).

APPLICATION_ID_RE = /\bapplicationId\s*(?:=\s*)?["']([^"']+)["']/

applicationId "com.x" (groovy) / applicationId = "com.x" (kts); the quote requirement keeps applicationIdSuffix from matching.

BUILDSRC_SEARCH_DEPTH = 4

How far up from the module script to look for a buildSrc/ source tree holding shared gradle constants.

GENERIC_SCHEMES = Set {"http", "https", "file", "content"}

Generic/standard schemes carry no app-specific meaning on their own. A host-less http:// / https:// / file:// / content:// is a content-source qualifier — typically paired with a <data mimeType> so the component can open a file type from a browser / file manager — not a deep-link entry point. Custom schemes (myapp://) stay even host-less, since that's how a runtime-routed custom scheme is declared.

LAUNCHER_ACTION = "android.intent.action.MAIN"
LOCAL_SCHEMES = Set {"file", "content"}

Local-content schemes. file:// / content:// URIs always point at on-device content (a file picked from a file manager, a ContentProvider row), never a remotely reachable deep link — so they are suppressed regardless of host (including a bare * wildcard host).

MAX_FILTER_COMBOS = 64

Upper bound on endpoints emitted from a single intent-filter. A media router / browser filter can declare dozens of hosts × paths; the full cross product would flood the inventory with near-duplicates, so past the cap the path dimension is dropped (scheme × host) and, if still over, the result is truncated.

NAMESPACE_CONST_RE = /\bnamespace(?![A-Za-z0-9_])\s*(?:=\s*)?([A-Z][A-Z0-9_]+)\b/
NAMESPACE_RE = /\bnamespace\s*(?:=\s*)?["']([^"']+)["']/
NAV_DEFAULT_SCHEME = "https"

Scheme emitted for scheme-less Navigation URIs. Navigation matches both http and https for them; one canonical https endpoint keeps the inventory free of http/https twins.

NAV_VIEW_ACTION = "android.intent.action.VIEW"
OPAQUE_SCHEMES = Set {"mailto", "tel", "sms", "smsto", "geo"}

Opaque (authority-less) schemes: mailto:foo@bar, tel:123, geo:…. They take no //host part, so the URL is rendered as scheme: rather than scheme://. Deliberately conservative: market://details?id=… (Play Store) and mms://host (media streaming, e.g. VLC) DO use an authority, so they are NOT listed here.

PLACEHOLDER_INDEX_RE = /manifestPlaceholders\s*\[\s*["'](\w+)["']\s*\]\s*=\s*["']([^"']*)["']/

manifestPlaceholders["key"] = "value" / manifestPlaceholders.put("key", "value") (kts).

PLACEHOLDER_MAP_RE = /manifestPlaceholders[^\[(\n]*[\[(]([^\])]*)/

The bracketed segment after manifestPlaceholders — a groovy map literal (= [k: "v"]), a kts += mapOf("k" to "v"), or a putAll(mapOf(...)) — captured up to the first closing bracket.

PLACEHOLDER_PAIR_RE = /["']?([A-Za-z_]\w*)["']?\s*(?::|\bto\b)\s*["']([^"']*)["']/

key: "value", "key": "value" (groovy) and "key" to "value" (kts).

PLACEHOLDER_PUT_RE = /manifestPlaceholders\s*\.\s*put\s*\(\s*["'](\w+)["']\s*,\s*["']([^"']*)["']\s*\)/

Instance Method Summary

Instance methods inherited from class Analyzer

analyze analyze, base_path : String base_path, base_paths : Array(String) base_paths, callees_needed? : Bool callees_needed?, logger : NoirLogger logger, parallel_analyze(files : Array(String), &block : String -> Nil) parallel_analyze, read_file_content(path : String) : String read_file_content, result : Array(Endpoint) result, url : String url

Constructor methods inherited from class Analyzer

new(options : Hash(String, YAML::Any)) new

Macros inherited from class Analyzer

define_getter_methods(names) define_getter_methods

Instance methods inherited from module FileHelper

all_files : Array(String) all_files, get_files_by_extension(extension : String) : Array(String) get_files_by_extension, get_files_by_prefix(prefix : String) : Array(String) get_files_by_prefix, get_files_by_prefix_and_extension(prefix : String, extension : String) : Array(String) get_files_by_prefix_and_extension, get_public_dir_files(base_path : String, folder : String) : Array(String) get_public_dir_files, get_public_files(base_path : String, anchors : Array(String) = ["shard.yml", "Gemfile"]) : Array(String) get_public_files

Instance Method Detail

def analyze #

[View source]