Closed cpholguera closed 2 years ago
Same permission will be introduced in iOS. Both should be updated.
Can you provide a link for the APIs? Using linkedin as a search term doesn't help either.
For Android I found this one: https://developer.android.com/training/data-storage/shared/media#scoped_storage_enabled
Don't unnecessarily request storage-related permissions for devices that run Android 10 or higher. Your app can contribute to well-defined media collections, including the MediaStore. Downloads collection, without requesting any storage-related permissions. If you're developing a camera app, for example, you don't need to request storage-related permissions because your app owns the images that you're writing to the media store.
Is this the one?
For iOS, is it this one: https://developer.apple.com/documentation/photokit/requesting_authorization_to_access_photos?
Note
When using the UIImagePickerController to bring up the user's photo library, your app doesn't need to request permission explicitly.
The iOS one is right, exactly what I meant. But for Android it's not quite. Maybe something regarding ImagePicker as in iOS?
Seems in iOS 14 Apple introduced a replacement for UIImagePicker - PHPicker. I suppose in such a case, need to discuss both the APIs and mentioning which iOS version supports it.
PR #1845 only covers iOS part. Android part is still open, as I haven't found the complete information yet. I will open a new PR for Android.
anything new on this @su-vikas?
On Android it's possible for an app to request the user to select a picture and upload it without having to request read access to files. Add the corresponding API and info to
https://github.com/OWASP/owasp-mstg/blob/e6ddca17b0a95e521463cf66892a0e4496cd0e7d/Document/0x05h-Testing-Platform-Interaction.md#permission-analysis
Example app: LinkdIn