ChatGPT解决这个技术问题 Extra ChatGPT

android.os.FileUriExposedException: file:///storage/emulated/0/test.txt exposed beyond app through Intent.getData()

The app is crashing when I'm trying to open a file. It works below Android Nougat, but on Android Nougat it crashes. It only crashes when I try to open a file from the SD card, not from the system partition. Some permission problem?

Sample code:

File file = new File("/storage/emulated/0/test.txt");
Intent intent = new Intent(Intent.ACTION_VIEW);
intent.setDataAndType(Uri.fromFile(file), "text/*");
intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
startActivity(intent); // Crashes on this line

Log:

android.os.FileUriExposedException: file:///storage/emulated/0/test.txt exposed beyond app through Intent.getData()

Edit:

When targeting Android Nougat, file:// URIs are not allowed anymore. We should use content:// URIs instead. However, my app needs to open files in root directories. Any ideas?

I feel like this was a mistake which makes life unnecessarily difficult for app developers. Having to bundle a "FileProvider" and "authority" with each app, seems like Enterprisey boilerplate. Having to add a flag to every file intent seems awkward and possibly unnecessary. Breaking the elegant concept of "paths" is unpleasant. And what's the benefit? Selectively granting storage access to apps (while most apps have full sdcard access, especially ones that work on files)?
try this , small and perfect code stackoverflow.com/a/52695444/4997704
@nyanpasu64 I agree. Google has started to humiliates itself by some changes since API 19
IMHO, I think Google basically wants to know where you save your files. reading the path from the Manifest. So, they can treat automatically that path...

l
logankilpatrick

If your targetSdkVersion >= 24, then we have to use FileProvider class to give access to the particular file or folder to make them accessible for other apps. We create our own class inheriting FileProvider in order to make sure our FileProvider doesn't conflict with FileProviders declared in imported dependencies as described here.

Steps to replace file:// URI with content:// URI:

Add a FileProvider tag in AndroidManifest.xml under tag. Specify a unique authority for the android:authorities attribute to avoid conflicts, imported dependencies might specify ${applicationId}.provider and other commonly used authorities.

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    ...
    <application
        ...
        <provider
            android:name="androidx.core.content.FileProvider"
            android:authorities="${applicationId}.provider"
            android:exported="false"
            android:grantUriPermissions="true">
            <meta-data
                android:name="android.support.FILE_PROVIDER_PATHS"
                android:resource="@xml/provider_paths" />
        </provider>
    </application>
</manifest>

Then create a provider_paths.xml file in res/xml folder. A folder may be needed to be created if it doesn't exist yet. The content of the file is shown below. It describes that we would like to share access to the External Storage at root folder (path=".") with the name external_files.

<?xml version="1.0" encoding="utf-8"?>
<paths>
    <external-path name="external_files" path="."/>
</paths>

The final step is to change the line of code below in Uri photoURI = Uri.fromFile(createImageFile()); to Uri photoURI = FileProvider.getUriForFile(context, context.getApplicationContext().getPackageName() + ".provider", createImageFile());

Edit: If you're using an intent to make the system open your file, you may need to add the following line of code: intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);

Please refer to the full code and solution that have been explained here.


I just needed to add intent.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
Will it work for all Android versions, or just from API 24?
this article helped me medium.com/@ali.muzaffar/…
@rockhammer I just tested this with Android 5.0, 6.0, 7.1 and 8.1, it works in all cases. So the (Build.VERSION.SDK_INT > M) condition is useless.
FileProvider should be extended only if you want to override any of the default behavior, otherwise use android:name="android.support.v4.content.FileProvider". See developer.android.com/reference/android/support/v4/content/…
h
hqzxzwb

Besides the solution using the FileProvider, there is another way to work around this. Simply put

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder();
StrictMode.setVmPolicy(builder.build());

in Application.onCreate(). In this way the VM ignores the file URI exposure.

Method

builder.detectFileUriExposure()

enables the file exposure check, which is also the default behavior if we don't setup a VmPolicy.

I encountered a problem that if I use a content:// URI to send something, some apps just can't understand it. And downgrading the target SDK version is not allowed. In this case my solution is useful.

Update:

As mentioned in the comment, StrictMode is diagnostic tool, and is not supposed to be used for this problem. When I posted this answer a year ago, many apps can only receive File uris. They just crash when I tried to send a FileProvider uri to them. This is fixed in most apps now, so we should go with the FileProvider solution.


@LaurynasG From API 18 to 23, android does not check for file uri exposure by default. Calling this method enables this check. From API 24, android does this check by default. But we can disable it by setting a new VmPolicy.
Is there any other step needed for this to work? Doesn't work as it stands for my Moto G running Android 7.0.
How this can solve this problem however , StrictMode is a diagnostic tools that should be enabled in developer mode not release mode ???
@ImeneNoomene Actually we are disabling StrictMode here. It seems reasonable that StrictMode should not be enabled in release mode, but in fact Android enables some StrictMode options by default regardless of debug mode or release mode. But one way or another, this answer was meant only to be a workaround back when some target apps were not prepared for receiving content uris. Now that most apps have added support for content uris, we should use the FileProvider pattern.
@ImeneNoomene I am totally with you in your outrage. You're right, this is a diagnostic tool, or at least it was ages ago when I added it to my projects. This is super frustrating! StrictMode.enableDefaults();, which I run only on my development builds keeps this crash from happening - so I now have a production application which crashes but it doesn't crash when in development. So basically, enabling a diagnostic tool here hides a serious issue. Thanks @hqzxzwb for helping me demystify this.
M
Miguel Beltran

If targetSdkVersion is higher than 24, then FileProvider is used to grant access.

Create an xml file(Path: res\xml) provider_paths.xml

<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
    <external-path name="external_files" path="."/>
</paths>

Add a Provider in AndroidManifest.xml

    <provider
        android:name="android.support.v4.content.FileProvider"
        android:authorities="${applicationId}.provider"
        android:exported="false"
        android:grantUriPermissions="true">
        <meta-data
            android:name="android.support.FILE_PROVIDER_PATHS"
            android:resource="@xml/provider_paths"/>
    </provider>

If you are using androidx, the FileProvider path should be:

 android:name="androidx.core.content.FileProvider"

and replace

Uri uri = Uri.fromFile(fileImagePath);

to

Uri uri = FileProvider.getUriForFile(MainActivity.this, BuildConfig.APPLICATION_ID + ".provider",fileImagePath);

Edit: While you're including the URI with an Intent make sure to add below line:

intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);

and you are good to go. Hope it helps.


@MaksimKniazev Can you describe your error in brief? So that I can help you.
@PankajLilan, I did exactly what did you said. But everytime that I open my pdf in the other application it appears blank (its saving correctly). Should I need to edit the xml? I already added the FLAG_GRANT_READ_URI_PERMISSION as well;
My mistake, I was adding the permission to the wrong intent. This is the best and the simpliest right answer. Thank you!
It throws exception java.lang.IllegalArgumentException: Failed to find configured root that contains / My file path is /storage/emulated/0/GSMManage_DCIM/Documents/Device7298file_74.pdf. can you please help ?
THIS RIGHT HERE IS THE ANSWER! All the others are wrong. This is fresh and works with new code!
P
Pointer Null

If your app targets API 24+, and you still want/need to use file:// intents, you can use hacky way to disable the runtime check:

if(Build.VERSION.SDK_INT>=24){
   try{
      Method m = StrictMode.class.getMethod("disableDeathOnFileUriExposure");
      m.invoke(null);
   }catch(Exception e){
      e.printStackTrace();
   }
}

Method StrictMode.disableDeathOnFileUriExposure is hidden and documented as:

/**
* Used by lame internal apps that haven't done the hard work to get
* themselves off file:// Uris yet.
*/

Problem is that my app is not lame, but rather doesn't want to be crippled by using content:// intents which are not understood by many apps out there. For example, opening mp3 file with content:// scheme offers much fewer apps than when opening same over file:// scheme. I don't want to pay for Google's design faults by limiting my app's functionality.

Google wants developers to use content scheme, but the system is not prepared for this, for years apps were made to use Files not "content", files can be edited and saved back, while files served over content scheme can't be (can they?).


"while files served over content scheme can't be (can they?)." -- sure, if you have write access to the content. ContentResolver has both openInputStream() and openOutputStream(). A less-hacky way of doing this is to just configure the VM rules yourself, and do not enable the file Uri rule.
Exactly. It is hard work when you built your entire app, then find out after targeting 25 all of your camera methods break. This works for me until I get time to do it the right way.
Works on Android 7. Thanks
Works on Android 8 too, tested on Huawei Nexus 6P.
I confirm this is working on production (I have more then 500,000 users), currently version 8.1 is the highest version, and it works on it.
C
CommonsWare

If your targetSdkVersion is 24 or higher, you can not use file: Uri values in Intents on Android 7.0+ devices.

Your choices are:

Drop your targetSdkVersion to 23 or lower, or Put your content on internal storage, then use FileProvider to make it available selectively to other apps

For example:

Intent i=new Intent(Intent.ACTION_VIEW, FileProvider.getUriForFile(this, AUTHORITY, f));

i.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
startActivity(i);

(from this sample project)


Thanks for the answer. What happens when I use this with files on the /system partition? Every app should be able to acces this partition without root.
@SuperThomasLab: I would not count on everything in /system being world-readable. That being said, my guess is that you will still get this exception. I suspect that they are just checking the scheme and are not trying to determine if the file truly is world-readable. However, FileProvider will not help you, as you cannot teach it to serve from /system. You could create a custom strategy for my StreamProvider, or roll your own ContentProvider, to get past the problem.
Still thinking how I'm going to solve this.. The app I am updating with Android N support is a root browser. But now you can't open any files anymore in root directories. (/data, /system), because of this "good change".
what are the most important drawbacks to dropping targetSdkVersion to 23? thnx
@rommex: I do not know what qualifies as "most important". For example, users who work in split-screen mode or on freeform multi-window devices (Chromebooks, Samsung DeX) will be told that your app may not work with multi-window. Whether that is important or not is up to you.
K
Karn Patel

First you need to add a provider to your AndroidManifest

  <application
    ...>
    <activity>
    .... 
    </activity>
    <provider
        android:name="android.support.v4.content.FileProvider"
        android:authorities="com.your.package.fileProvider"
        android:grantUriPermissions="true"
        android:exported="false">
        <meta-data
            android:name="android.support.FILE_PROVIDER_PATHS"
            android:resource="@xml/file_paths" />
    </provider>
  </application>

now create a file in xml resource folder (if using android studio you can hit Alt + Enter after highlighting file_paths and select create a xml resource option)

Next in the file_paths file enter

<?xml version="1.0" encoding="utf-8"?>
<paths>
  <external-path path="Android/data/com.your.package/" name="files_root" />
  <external-path path="." name="external_storage_root" />
</paths>

This example is for external-path you can refere here for more options. This will allow you to share files which are in that folder and its sub-folder.

Now all that's left is to create the intent as follows:

    MimeTypeMap mime = MimeTypeMap.getSingleton();
    String ext = newFile.getName().substring(newFile.getName().lastIndexOf(".") + 1);
    String type = mime.getMimeTypeFromExtension(ext);
    try {
        Intent intent = new Intent();
        intent.setAction(Intent.ACTION_VIEW);
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
            intent.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
            Uri contentUri = FileProvider.getUriForFile(getContext(), "com.your.package.fileProvider", newFile);
            intent.setDataAndType(contentUri, type);
        } else {
            intent.setDataAndType(Uri.fromFile(newFile), type);
        }
        startActivityForResult(intent, ACTIVITY_VIEW_ATTACHMENT);
    } catch (ActivityNotFoundException anfe) {
        Toast.makeText(getContext(), "No activity found to open this attachment.", Toast.LENGTH_LONG).show();
    }

EDIT: I added the root folder of the sd card in the file_paths. I have tested this code and it does work.


Thank you for this. I also want to let you know that there is a better way to get the file extension. String extension = android.webkit.MimeTypeMap.getFileExtensionFromUrl(Uri.fromFile(file).toString()); Also, I recommend anyone looking for answers to read through FileProvider first and understand what you are dealing with here with file permissions in Android N and above. There are options for internal storage vs. external storage and also for regular files-path vs. cache-paths.
I was getting the following exception: java.lang.IllegalArgumentException: Failed to find configured root ... and the only thing that worked was <files-path path="." name="files_root" /> on the xml file instead of <external-path .... My file was saved in the internal storage.
don't write your package name inside the path, use something like this if need to access to all your root folder and not only the private files folder.
C
CrazyJ36

My Solution was to 'Uri.parse' the File Path as String, instead of using Uri.fromFile().

String storage = Environment.getExternalStorageDirectory().toString() + "/test.txt";
File file = new File(storage);
Uri uri;
if (Build.VERSION.SDK_INT < 24) {
    uri = Uri.fromFile(file);
} else {
    uri = Uri.parse(file.getPath()); // My work-around for SDKs up to 29.
}
Intent viewFile = new Intent(Intent.ACTION_VIEW);
viewFile.setDataAndType(uri, "text/plain");
startActivity(viewFile);

Seems that fromFile() uses A file pointer, which I suppose could be insecure when memory addresses are exposed to all apps. But A file path String never hurt anybody, so it works without throwing FileUriExposedException.

Tested on API levels 9 to 29! Successfully opens the text file for editing in another app. Does not require FileProvider, nor the Android Support Library at all. And this will not work right on API level 30(Android 11) or newer, as getExternalStorageDirectory() has been deprecated.


I wish I'd seen this first. I didn't prove it worked for me, but it's so much less cumbersome than FileProvider.
A note on why this actually works: It's not the File pointer that casues the issue, but the fact that the exception only occurs if you have a path with 'file://', which is automatically prepended with fromFile, but not with parse.
This does not get exception, but it can't send the file to the related app either. So, not worked for me.
This will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
@AndroidGuy: Use FileProvider and its getUriForFile() method.
V
Vini.g.fer

@palash k answer is correct and worked for internal storage files, but in my case I want to open files from external storage also, my app crashed when open file from external storage like sdcard and usb, but I manage to solve the issue by modifying provider_paths.xml from the accepted answer

change the provider_paths.xml like below

<?xml version="1.0" encoding="utf-8"?>
 <paths xmlns:android="http://schemas.android.com/apk/res/android">

<external-path path="Android/data/${applicationId}/" name="files_root" />

<root-path
    name="root"
    path="/" />

</paths>

and in java class(No change as the accepted answer just a small edit)

Uri uri=FileProvider.getUriForFile(getActivity(), BuildConfig.APPLICATION_ID+".provider", File)

This help me to fix the crash for files from external storages, Hope this will help some one having same issue as mine :)


Where did you find about <root-path please ? It's working. <external-path path="Android/data/${applicationId}/" name="files_root" /> had no effect for open files from external storage.
i find this from various search results, let me check again and get back to u asap
also the external storage you mention is sd card or inbuilt storage?
Sorry for inaccuracy. I meant Android/data/${applicationId}/ in SDcard.
Need to add this to the intent: intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
M
Math

Just paste the below code in activity onCreate().

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder(); 
StrictMode.setVmPolicy(builder.build());

It will ignore URI exposure.

Happy coding :-)


What are the downsides to this?
This will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
Why a few people duplicate this answer of @KaushalSachan?
h
hata

Just paste the below code in Activity onCreate():

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder();
StrictMode.setVmPolicy(builder.build());

It will ignore URI exposure.


this is one of the solutions but not the standard one. Stil people who downvoted the answers are wrong as the this is also working code with the working solution.
This will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
M
Maksim Ostrovidov

Using the fileProvider is the way to go. But you can use this simple workaround:

WARNING: It will be fixed in next Android release - https://issuetracker.google.com/issues/37122890#comment4

replace:

startActivity(intent);

by

startActivity(Intent.createChooser(intent, "Your title"));

The chooser will be patched soon by Google to contain same check. This is not a solution.
This one works but will not work in future android versions.
M
Max

I used Palash's answer given above but it was somewhat incomplete, I had to provide permission like this

Intent intent = new Intent(Intent.ACTION_VIEW);
    Uri uri;
    if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.N) {
        uri = FileProvider.getUriForFile(this, getPackageName() + ".provider", new File(path));

        List<ResolveInfo> resInfoList = getPackageManager().queryIntentActivities(intent, PackageManager.MATCH_DEFAULT_ONLY);
        for (ResolveInfo resolveInfo : resInfoList) {
            String packageName = resolveInfo.activityInfo.packageName;
            grantUriPermission(packageName, uri, Intent.FLAG_GRANT_WRITE_URI_PERMISSION | Intent.FLAG_GRANT_READ_URI_PERMISSION);
        }
    }else {
        uri = Uri.fromFile(new File(path));
    }

    intent.setDataAndType(uri, "application/vnd.android.package-archive");

    intent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK);

    startActivity(intent);

h
hata

Just paste the below code in Activity onCreate():

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder();
StrictMode.setVmPolicy(builder.build());

It will ignore URI exposure.


This, this will remove the strictmode policies. and will ignore the security warning. Not a good solution.
It also will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
Why a few people duplicate this answer of @KaushalSachan?
A
Alex

Here my solution:

in Manifest.xml

<application
            android:name=".main.MainApp"
            android:allowBackup="true"
            android:icon="@drawable/ic_app"
            android:label="@string/application_name"
            android:logo="@drawable/ic_app_logo"
            android:theme="@style/MainAppBaseTheme">

        <provider
                android:name="androidx.core.content.FileProvider"
                android:authorities="${applicationId}.provider"
                android:exported="false"
                android:grantUriPermissions="true">
            <meta-data
                    android:name="android.support.FILE_PROVIDER_PATHS"
                    android:resource="@xml/provider_paths"/>
        </provider>

in res/xml/provider_paths.xml

   <?xml version="1.0" encoding="utf-8"?>
    <paths xmlns:android="http://schemas.android.com/apk/res/android">
        <external-path name="external_files" path="."/>
    </paths>

in my fragment I has the next code:

 Uri myPhotoFileUri = FileProvider.getUriForFile(getActivity(), getActivity().getApplicationContext().getPackageName() + ".provider", myPhotoFile);               
    intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
    intent.putExtra(MediaStore.EXTRA_OUTPUT, myPhotoFileUri);

Тhat's all you need.

Also not need to create

public class GenericFileProvider extends FileProvider {}

I test on Android 5.0, 6.0 and Android 9.0 and it's success work.


I have tested this solution, and it works fine with a small change: intent.flags = Intent.FLAG_ACTIVITY_NEW_TASK intent.putExtra(Intent.EXTRA_STREAM, myPhotoFileUri) intent.type = "image/png" startActivity(Intent.createChooser(intent, "Share image via")) It works fin on Android 7 and 8.
h
hata

add this two line in onCreate

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder();
StrictMode.setVmPolicy(builder.build());

Share method

File dir = new File(Environment.getExternalStorageDirectory(), "ColorStory");
File imgFile = new File(dir, "0.png");
Intent sendIntent = new Intent(Intent.ACTION_VIEW);
sendIntent.setType("image/*");
sendIntent.setAction(Intent.ACTION_SEND);
sendIntent.putExtra(Intent.EXTRA_STREAM, Uri.parse("file://" + imgFile));
sendIntent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
startActivity(Intent.createChooser(sendIntent, "Share images..."));

This will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
B
Bhoomika Chauhan

For downloading pdf from server , add below code in your service class. Hope this is helpful for you.

File file = new File(Environment.getExternalStoragePublicDirectory(Environment.DIRECTORY_DOWNLOADS), fileName + ".pdf");
    intent = new Intent(Intent.ACTION_VIEW);
    //Log.e("pathOpen", file.getPath());

    Uri contentUri;
    contentUri = Uri.fromFile(file);
    intent.setFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP | Intent.FLAG_ACTIVITY_NEW_TASK);

    if (Build.VERSION.SDK_INT >= 24) {

        Uri apkURI = FileProvider.getUriForFile(context, context.getApplicationContext().getPackageName() + ".provider", file);
        intent.setDataAndType(apkURI, "application/pdf");
        intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);

    } else {

        intent.setDataAndType(contentUri, "application/pdf");
    }

And yes , don't forget to add permissions and provider in your manifest.

<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />

<application

<provider
        android:name="android.support.v4.content.FileProvider"
        android:authorities="${applicationId}.provider"
        android:exported="false"
        android:grantUriPermissions="true">
        <meta-data
            android:name="android.support.FILE_PROVIDER_PATHS"
            android:resource="@xml/provider_paths" />
    </provider>

</application>

what is @xml/provider_paths ?
@Heisenberg please refer Rahul Upadhyay post from url : stackoverflow.com/questions/38555301/…
n
nyanpasu64

I don't know why, I did everything exactly the same as Pkosta (https://stackoverflow.com/a/38858040 ) but kept getting error:

java.lang.SecurityException: Permission Denial: opening provider redacted from ProcessRecord{redacted} (redacted) that is not exported from uid redacted

I wasted hours on this issue. The culprit? Kotlin.

val playIntent = Intent(Intent.ACTION_VIEW, uri)
intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION)

intent was actually setting getIntent().addFlags instead of operating on my newly declared playIntent.


S
Suraj Bahadur
As of Android N, in order to work around this issue, you need to use the FileProvider API

There are 3 main steps here as mentioned below

Step 1: Manifest Entry

<manifest ...>
    <application ...>
        <provider
            android:name="android.support.v4.content.FileProvider"
            android:authorities="${applicationId}.provider"
            android:exported="false"
            android:grantUriPermissions="true">
            <meta-data
                android:name="android.support.FILE_PROVIDER_PATHS"
                android:resource="@xml/provider_paths"/>
        </provider>
    </application>
</manifest>

Step 2: Create XML file res/xml/provider_paths.xml

<?xml version="1.0" encoding="utf-8"?>
<paths xmlns:android="http://schemas.android.com/apk/res/android">
    <external-path name="external_files" path="."/>
</paths>

Step 3: Code changes

File file = ...;
Intent install = new Intent(Intent.ACTION_VIEW);
install.setFlags(Intent.FLAG_ACTIVITY_CLEAR_TOP | Intent.FLAG_ACTIVITY_NEW_TASK);
// Old Approach
    install.setDataAndType(Uri.fromFile(file), mimeType);
// End Old approach
// New Approach
    Uri apkURI = FileProvider.getUriForFile(
                             context, 
                             context.getApplicationContext()
                             .getPackageName() + ".provider", file);
    install.setDataAndType(apkURI, mimeType);
    install.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
// End New Approach
    context.startActivity(install);

in addition to this, I had to add <root-path name="root" path="/" /> inside the provider_paths.xml
@AlbertoM This is optional
I know, but this made the difference for me. The other things didn’t let me go through with it
@AlbertoM Can you please mentioned what error are you getting OR share the sample code with me so that can solve it.
Without the <root-path> it's not happening for me as well
l
lomza

I spent almost a day trying to figure out why I was getting this exception. After lots of struggle, this config worked perfectly (Kotlin):

AndroidManifest.xml

<provider
  android:name="androidx.core.content.FileProvider"
  android:authorities="com.lomza.moviesroom.fileprovider"
  android:exported="false"
  android:grantUriPermissions="true">
  <meta-data
    android:name="android.support.FILE_PROVIDER_PATHS"
    android:resource="@xml/file_paths" />
</provider>

file_paths.xml

<?xml version="1.0" encoding="utf-8"?>
<paths>
  <files-path name="movies_csv_files" path="."/>
</paths>

Intent itself

fun goToFileIntent(context: Context, file: File): Intent {
    val intent = Intent(Intent.ACTION_VIEW)
    val contentUri = FileProvider.getUriForFile(context, "${context.packageName}.fileprovider", file)
    val mimeType = context.contentResolver.getType(contentUri)
    intent.setDataAndType(contentUri, mimeType)
    intent.flags = Intent.FLAG_GRANT_READ_URI_PERMISSION or Intent.FLAG_GRANT_WRITE_URI_PERMISSION

    return intent
}

I explain the whole process here.


S
SWIK

I have just done following if android version > 24

File fl = new File(url);
    Uri uri = Uri.fromFile(fl);
    Intent intent = new Intent(Intent.ACTION_VIEW);
    if (android.os.Build.VERSION.SDK_INT>=24)
    {
        Context context = getApplicationContext();
        uri = FileProvider.getUriForFile(
                context,
                context.getApplicationContext()
                        .getPackageName() + ".provider", fl);
        intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
    }
    intent.setDataAndType(uri, mimetype);
    intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK);
    startActivity(intent);

Following this link then https://medium.com/@ali.muzaffar/what-is-android-os-fileuriexposedexception-and-what-you-can-do-about-it-70b9eb17c6d0#.54odzsnk4


N
NeoWang

@Pkosta 's answer is one way of doing this.

Besides using FileProvider, you can also insert the file into MediaStore (especially for image and video files), because files in MediaStore are accessible to every app:

The MediaStore is primarily aimed at video, audio and image MIME types, however beginning with Android 3.0 (API level 11) it can also store non-media types (see MediaStore.Files for more info). Files can be inserted into the MediaStore using scanFile() after which a content:// style Uri suitable for sharing is passed to the provided onScanCompleted() callback. Note that once added to the system MediaStore the content is accessible to any app on the device.

For example, you can insert a video file to MediaStore like this:

ContentValues values = new ContentValues();
values.put(MediaStore.Video.Media.DATA, videoFilePath);
Uri contentUri = context.getContentResolver().insert(
      MediaStore.Video.Media.EXTERNAL_CONTENT_URI, values);

contentUri is like content://media/external/video/media/183473, which can be passed directly to Intent.putExtra:

intent.setType("video/*");
intent.putExtra(Intent.EXTRA_STREAM, contentUri);
intent.addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION);
activity.startActivity(intent);

This works for me, and save the hassles of using FileProvider.


J
Jitu Batiya

i put this method so imageuri path easily get in content.

enter code here
public Uri getImageUri(Context context, Bitmap inImage)
{
    ByteArrayOutputStream bytes = new ByteArrayOutputStream();
    inImage.compress(Bitmap.CompressFormat.PNG, 100, bytes);
    String path = MediaStore.Images.Media.insertImage(context.getContentResolver(), 
    inImage, "Title", null);
    return Uri.parse(path);
}

佚名

I know this is a pretty old question but this answer is for future viewers. So I've encountered a similar problem and after researching, I've found an alternative to this approach.

Your Intent here for eg: To view your image from your path in Kotlin

 val intent = Intent()
 intent.setAction(Intent.ACTION_VIEW)
 val file = File(currentUri)
 intent.setFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION)
 val contentURI = getContentUri(context!!, file.absolutePath)
 intent.setDataAndType(contentURI,"image/*")
 startActivity(intent)

Main Function below

private fun getContentUri(context:Context, absPath:String):Uri? {
        val cursor = context.getContentResolver().query(
            MediaStore.Images.Media.EXTERNAL_CONTENT_URI,
            arrayOf<String>(MediaStore.Images.Media._ID),
            MediaStore.Images.Media.DATA + "=? ",
            arrayOf<String>(absPath), null)
        if (cursor != null && cursor.moveToFirst())
        {
            val id = cursor.getInt(cursor.getColumnIndex(MediaStore.MediaColumns._ID))
            return Uri.withAppendedPath(MediaStore.Images.Media.EXTERNAL_CONTENT_URI, Integer.toString(id))
        }
        else if (!absPath.isEmpty())
        {
            val values = ContentValues()
            values.put(MediaStore.Images.Media.DATA, absPath)
            return context.getContentResolver().insert(
                MediaStore.Images.Media.EXTERNAL_CONTENT_URI, values)
        }
        else
        {
            return null
        }
    }

Likewise, instead of an image, you can use any other file format like pdf and in my case, it worked just fine


S
Shunan

I wanted to share images from the app's scoped storage and that's where I was getting this exception. Searched for hours and then, at last, I found this blog.

It's a bit long so I am sharing the gist here but I will recommend you to go through it.

The bottom line is you can't share anything from the app's scoped storage. Also in Android 12, the intent chooser bottom dialog shows the preview of the image you are sharing which is super cool by the way, but it can't load the preview from the scoped storage URI.

The solution is to create a copy of the file you 'intent' to share in the cache directory.

val cachePath = File(externalCacheDir, "my_images/")
cachePath.mkdirs()
val bitmap = loadImageFromStorage(currentQuote.bookId)
val file = File(cachePath, "cache.png")
val fileOutputStream: FileOutputStream
try {
    fileOutputStream = FileOutputStream(file)
    bitmap?.compress(Bitmap.CompressFormat.PNG, 100, fileOutputStream)
    fileOutputStream.flush()
    fileOutputStream.close()
} catch (e: FileNotFoundException) {
    e.printStackTrace()
} catch (e: IOException) {
    e.printStackTrace()
}
val cacheImageUri: Uri = FileProvider.getUriForFile(this, applicationContext.packageName + ".provider", file)
            
val intent = Intent(Intent.ACTION_SEND).apply {
    clipData = ClipData.newRawUri(null, cacheImageUri)
    putExtra(Intent.EXTRA_STREAM, cacheImageUri)
    type = "image/ *"
    addFlags(Intent.FLAG_GRANT_READ_URI_PERMISSION)
}
startActivity(Intent.createChooser(intent, null))
            

And this is how I am loading file from scoped storage

fun Context.loadImageFromStorage(path: String): Bitmap? {
    try {
        val file = getFile(path)
        val bitmap = BitmapFactory.decodeStream(FileInputStream(file))
        return bitmap
    } catch (e: Exception) {
        e.printStackTrace()

        //Returning file from public storage in case the file is stored in public storage 
        return BitmapFactory.decodeStream(FileInputStream(File(path)))
    }
    
    return null
}


fun Context.getFile(path: String): File? {
    val cw = ContextWrapper(this)
    val directory = cw.getDir("image_dir", Context.MODE_PRIVATE)
    if (!directory.exists())
        directory.mkdir()
    try {
        val fileName = directory.absolutePath + "/" + path.split("/").last()
        return File(fileName)
    } catch (e: Exception) {
        e.printStackTrace()
    }
    
    return null
}

Lastly, don't forget to update your provider_paths.xml file

<external-cache-path name="external_cache" path="." />

<external-cache-path name="external_files" path="my_images/"/>

s
samus

Xamarin.Android

Note: The path xml/provider_paths.xml (.axml) couldn't be resolved, even after making the xml folder under Resources (maybe it can be put in an existing location like Values, didn't try), so I resorted to this which works for now. Testing showed that it only needs to be called once per application run (which makes sense being that it changes the operational state of the host VM).

Note: xml needs to be capitalized, so Resources/Xml/provider_paths.xml

Java.Lang.ClassLoader cl = _this.Context.ClassLoader;
Java.Lang.Class strictMode = cl.LoadClass("android.os.StrictMode");                
System.IntPtr ptrStrictMode = JNIEnv.FindClass("android/os/StrictMode");
var method = JNIEnv.GetStaticMethodID(ptrStrictMode, "disableDeathOnFileUriExposure", "()V");                
JNIEnv.CallStaticVoidMethod(strictMode.Handle, method);

A
Abdul Basit Rishi

Try this solution

PUT THESE PERMISSIONS IN MANIFEST

 <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
 <uses-permission android:name="android.permission.CAMERA" />

INTENT TO CAPTURE IMAGE

Intent takePictureIntent = new Intent(MediaStore.ACTION_IMAGE_CAPTURE);
                if (takePictureIntent.resolveActivity(getPackageManager()) != null) {
                    startActivityForResult(takePictureIntent, REQUEST_IMAGE_CAPTURE);
                }

GET CAPTURED IMAGE IN ONACTIVITYRESULT

@Override
            protected void onActivityResult(int requestCode, int resultCode, Intent data) {
                super.onActivityResult(requestCode, resultCode, data);
                if (requestCode == REQUEST_IMAGE_CAPTURE && resultCode == RESULT_OK) {
                    Bundle extras = data.getExtras();
                    Bitmap imageBitmap = (Bitmap) extras.get("data");
                    // CALL THIS METHOD TO GET THE URI FROM THE BITMAP
                    Uri tempUri = getImageUri(getApplicationContext(), imageBitmap);
                    //DO SOMETHING WITH URI
                }
            } 

METHOD TO GET IMAGE URI

public Uri getImageUri(Context inContext, Bitmap inImage) {
        ByteArrayOutputStream bytes = new ByteArrayOutputStream();
        inImage.compress(Bitmap.CompressFormat.JPEG, 100, bytes);
        String path = MediaStore.Images.Media.insertImage(inContext.getContentResolver(), inImage, "Title", null);
        return Uri.parse(path);
    }

This only gets you the thumbnail not the full picture.
A
Aalishan Ansari

This works

 val uri = if (Build.VERSION.SDK_INT < 24) Uri.fromFile(file) else Uri.parse(file.path)
                val shareIntent = Intent().apply {
                    action = Intent.ACTION_SEND
                    type = "application/pdf"
                    putExtra(Intent.EXTRA_STREAM, uri)
                    putExtra(
                        Intent.EXTRA_SUBJECT,
                        "Purchase Bill..."
                    )
                    putExtra(
                        Intent.EXTRA_TEXT,
                        "Sharing Bill purchase items..."
                    )
                }
                startActivity(Intent.createChooser(shareIntent, "Share Via"))

h
hata

Simply let it ignore the URI Exposure... Add it after on create

StrictMode.VmPolicy.Builder builder = new StrictMode.VmPolicy.Builder();
StrictMode.setVmPolicy(builder.build()); 

This will fail on Android 10 and higher, as you cannot assume that the other app has access to external storage via the filesystem.
This don´t must be used in a producction app.
@CommonsWare but this shouldn't have worked.. I was getting fileuriexposedexception only on Huawei but adding this strangely solves it while nothing else worked !!
Why a few people duplicate this answer of @KaushalSachan?

关注公众号,不定期副业成功案例分享
Follow WeChat

Success story sharing

Want to stay one step ahead of the latest teleworks?

Subscribe Now