Keep in mind that other apps can access your app's resources and assets, and in fact anyone can access your apk and obtain anything hidden therein.
I wish Android provided a way that a server could determine if a request was generated by some app 'package id' signed by a given key -- but this is not available as far as I know. On Sep 17, 12:03 am, William Ferguson <william.ferguson...@gmail.com> wrote: > If I have my app fetching content from my server, what mechanism > should I use on my server to ensure that its my app making the > request? > > Is there any way that I can sign the request to using my app's > signature to show its come from my app and not from a stolen version > or copycat? I suspect the answer is no, but I'm looking for > suggestions. > > William -- You received this message because you are subscribed to the Google Groups "Android Developers" group. To post to this group, send email to android-developers@googlegroups.com To unsubscribe from this group, send email to android-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/android-developers?hl=en