8 lines
687 B
Plaintext
8 lines
687 B
Plaintext
== Recommended Secure Coding Practices
|
|
|
|
* Use internal storage whenever possible as the system prevents other apps from accessing this location.
|
|
* Only use external storage if you need to share non-sensitive files with other applications.
|
|
* If your application has to use the external storage to store sensitive data, make sure it encrypts the files using https://developer.android.com/reference/androidx/security/crypto/EncryptedFile[EncryptedFile].
|
|
* Data coming from external storage should always be considered untrusted and should be validated.
|
|
* As some external storage can be removed, make sure to never store files on it that are critical for the usability of your application.
|