OKHttp 缓存响应的安全性
Security of OKHttp Cached Responses
来自 Okhttp 的缓存响应的安全性和可访问性如何?
我知道我们可以定义一个文件来缓存我们的项目,但我想知道是否有一个文件可以为缓存 API-Keys 提供最佳安全性,或者提高安全性的方法对于 OkHttp。
如果不是,是否有更安全的方法来缓存 API-应用程序重新启动之间的密钥?
非常安全,除非您控制设备。假设您的缓存看起来像
return OkHttpClient.Builder()
// Around 4¢ worth of storage in 2020
.cache(Cache(File(applicationContext.cacheDir, "api_cache"), 50 * 1024 * 1024))
.build()
https://developer.android.com/training/data-storage/app-specific
Internal storage directories: These directories include both a
dedicated location for storing persistent files, and another location
for storing cache data. The system prevents other apps from accessing
these locations, and on Android 10 (API level 29) and higher, these
locations are encrypted. These characteristics make these locations a
good place to store sensitive data that only your app itself can
access.
来自 Okhttp 的缓存响应的安全性和可访问性如何?
我知道我们可以定义一个文件来缓存我们的项目,但我想知道是否有一个文件可以为缓存 API-Keys 提供最佳安全性,或者提高安全性的方法对于 OkHttp。
如果不是,是否有更安全的方法来缓存 API-应用程序重新启动之间的密钥?
非常安全,除非您控制设备。假设您的缓存看起来像
return OkHttpClient.Builder()
// Around 4¢ worth of storage in 2020
.cache(Cache(File(applicationContext.cacheDir, "api_cache"), 50 * 1024 * 1024))
.build()
https://developer.android.com/training/data-storage/app-specific
Internal storage directories: These directories include both a dedicated location for storing persistent files, and another location for storing cache data. The system prevents other apps from accessing these locations, and on Android 10 (API level 29) and higher, these locations are encrypted. These characteristics make these locations a good place to store sensitive data that only your app itself can access.