am 9d09eee5: am af7b843e: docs: remove games references
* commit '9d09eee559533535e00be933a38a69ade046d74e':
diff --git a/core/java/android/content/ContentProvider.java b/core/java/android/content/ContentProvider.java
index 23d8f46..612ff0b 100644
--- a/core/java/android/content/ContentProvider.java
+++ b/core/java/android/content/ContentProvider.java
@@ -238,7 +238,7 @@
@Override
public ParcelFileDescriptor openFile(Uri uri, String mode)
throws FileNotFoundException {
- if (mode != null && mode.startsWith("rw")) enforceWritePermission(uri);
+ if (mode != null && mode.indexOf('w') != -1) enforceWritePermission(uri);
else enforceReadPermission(uri);
return ContentProvider.this.openFile(uri, mode);
}
@@ -246,7 +246,7 @@
@Override
public AssetFileDescriptor openAssetFile(Uri uri, String mode)
throws FileNotFoundException {
- if (mode != null && mode.startsWith("rw")) enforceWritePermission(uri);
+ if (mode != null && mode.indexOf('w') != -1) enforceWritePermission(uri);
else enforceReadPermission(uri);
return ContentProvider.this.openAssetFile(uri, mode);
}
diff --git a/docs/html/about/dashboards/index.jd b/docs/html/about/dashboards/index.jd
index 14f3dd1..93876f8 100644
--- a/docs/html/about/dashboards/index.jd
+++ b/docs/html/about/dashboards/index.jd
@@ -31,32 +31,32 @@
<th>Distribution</th>
</tr>
<tr><td><a href="/about/versions/android-1.6.html">1.6</a></td><td>Donut</td> <td>4</td><td>0.2%</td></tr>
-<tr><td><a href="/about/versions/android-2.1.html">2.1</a></td><td>Eclair</td> <td>7</td><td>2.2%</td></tr>
-<tr><td><a href="/about/versions/android-2.2.html">2.2</a></td><td>Froyo</td> <td>8</td><td>8.1%</td></tr>
+<tr><td><a href="/about/versions/android-2.1.html">2.1</a></td><td>Eclair</td> <td>7</td><td>1.9%</td></tr>
+<tr><td><a href="/about/versions/android-2.2.html">2.2</a></td><td>Froyo</td> <td>8</td><td>7.6%</td></tr>
<tr><td><a href="/about/versions/android-2.3.html">2.3 - 2.3.2</a>
</td><td rowspan="2">Gingerbread</td> <td>9</td><td>0.2%</td></tr>
<tr><td><a href="/about/versions/android-2.3.3.html">2.3.3 - 2.3.7
- </a></td><!-- Gingerbread --> <td>10</td><td>45.4%</td></tr>
+ </a></td><!-- Gingerbread --> <td>10</td><td>44%</td></tr>
<tr><td><a href="/about/versions/android-3.1.html">3.1</a></td>
<td rowspan="2">Honeycomb</td> <td>12</td><td>0.3%</td></tr>
-<tr><td><a href="/about/versions/android-3.2.html">3.2</a></td> <!-- Honeycomb --><td>13</td><td>1.0%</td></tr>
+<tr><td><a href="/about/versions/android-3.2.html">3.2</a></td> <!-- Honeycomb --><td>13</td><td>0.9%</td></tr>
<tr><td><a href="/about/versions/android-4.0.3.html">4.0.3 - 4.0.4</a></td>
- <td>Ice Cream Sandwich</td><td>15</td><td>29.0%</td></tr>
+ <td>Ice Cream Sandwich</td><td>15</td><td>28.6%</td></tr>
<tr><td><a href="/about/versions/android-4.1.html">4.1</a></td>
- <td rowspan="2">Jelly Bean</td><td>16</td><td>12.2%</td></tr>
-<tr><td><a href="/about/versions/android-4.2.html">4.2</a></td><!--Jelly Bean--> <td>17</td><td>1.4%</td></tr>
+ <td rowspan="2">Jelly Bean</td><td>16</td><td>14.9%</td></tr>
+<tr><td><a href="/about/versions/android-4.2.html">4.2</a></td><!--Jelly Bean--> <td>17</td><td>1.6%</td></tr>
</table>
</div>
<div class="col-8" style="margin-right:0">
<img style="margin-left:30px" alt=""
-src="//chart.apis.google.com/chart?&cht=p&chs=460x245&chf=bg,s,00000000&chd=t:2.4,8.1,45.4,0.3,29,13.6&chl=Eclair%20%26%20older|Froyo|Gingerbread|Honeycomb|Ice%20Cream%20Sandwich|Jelly%20Bean&chco=c4df9b,6fad0c"
+src="//chart.apis.google.com/chart?&cht=p&chs=460x245&chf=bg,s,00000000&chd=t:2.0,7.6,44.2,1.2,28.6,16.5&chl=Eclair%20%26%20older|Froyo|Gingerbread|Honeycomb|Ice%20Cream%20Sandwich|Jelly%20Bean&chco=c4df9b,6fad0c"
/>
</div><!-- end dashboard-panel -->
-<p style="clear:both"><em>Data collected during a 14-day period ending on February 4, 2013</em></p>
+<p style="clear:both"><em>Data collected during a 14-day period ending on March 4, 2013</em></p>
<!--
<p style="font-size:.9em">* <em>Other: 0.1% of devices running obsolete versions</em></p>
-->
@@ -81,9 +81,9 @@
Google Play within a 14-day period ending on the date indicated on the x-axis.</p>
<img alt="" height="250" width="660"
-src="//chart.apis.google.com/chart?&cht=lc&chs=660x250&chxt=x,x,y,r&chf=bg,s,00000000&chxr=0,0,12|1,0,12|2,0,100|3,0,100&chxl=0%3A%7C08/01%7C08/15%7C09/01%7C09/15%7C10/01%7C10/15%7C11/01%7C11/15%7C12/01%7C12/15%7C01/01%7C01/15%7C02/01%7C1%3A%7C2012%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C2013%7C%7C2013%7C2%3A%7C0%25%7C25%25%7C50%25%7C75%25%7C100%25%7C3%3A%7C0%25%7C25%25%7C50%25%7C75%25%7C100%25&chxp=0,0,1,2,3,4,5,6,7,8,9,10,11,12&chxtc=0,5&chd=t:99.2,99.2,99.3,99.4,99.5,99.5,99.5,99.6,100.0,100.0,100.0,100.0,100.0|95.0,95.2,95.6,95.8,96.1,96.3,96.4,96.7,96.9,97.2,97.4,97.4,97.6|79.5,80.4,81.4,82.3,83.2,83.8,84.7,85.6,86.4,87.0,88.2,88.8,89.4|18.9,21.2,23.7,25.5,27.4,28.7,31.1,33.0,35.4,36.8,40.3,42.0,43.6|16.6,19.0,21.5,23.5,25.5,26.8,29.4,31.4,33.8,35.2,38.8,40.7,42.3|0.8,0.9,1.1,1.4,1.8,2.1,3.2,4.8,6.5,7.5,9.9,11.7,13.3&chm=b,c3df9b,0,1,0|tFroyo,689326,1,0,15,,t::-5|b,b4db77,1,2,0|tGingerbread,547a19,2,0,15,,t::-5|b,a5db51,2,3,0|b,96dd28,3,4,0|tIce%20Cream%20Sandwich,293f07,4,0,15,,t::-5|b,83c916,4,5,0|tJelly%20Bean,131d02,5,11,15,,t::-5|B,6fad0c,5,6,0&chg=7,25&chdl=Eclair|Froyo|Gingerbread|Honeycomb|Ice%20Cream%20Sandwich|Jelly%20Bean&chco=add274,9dd14f,8ece2a,7ab61c,659b11,507d08"
+src="//chart.apis.google.com/chart?&cht=lc&chs=660x250&chxt=x,x,y,r&chf=bg,s,00000000&chxr=0,0,12|1,0,12|2,0,100|3,0,100&chxl=0%3A%7C09/01%7C09/15%7C10/01%7C10/15%7C11/01%7C11/15%7C12/01%7C12/15%7C01/01%7C01/15%7C02/01%7C02/15%7C03/01%7C1%3A%7C2012%7C%7C%7C%7C%7C%7C%7C%7C2013%7C%7C%7C%7C2013%7C2%3A%7C0%25%7C25%25%7C50%25%7C75%25%7C100%25%7C3%3A%7C0%25%7C25%25%7C50%25%7C75%25%7C100%25&chxp=0,0,1,2,3,4,5,6,7,8,9,10,11,12&chxtc=0,5&chd=t:99.3,99.4,99.5,99.5,99.5,99.6,100.0,100.0,100.0,100.0,100.0,100.0,100.0|95.6,95.8,96.1,96.3,96.4,96.7,96.9,97.2,97.4,97.4,97.6,97.7,97.9|81.4,82.3,83.2,83.8,84.7,85.6,86.4,87.0,88.2,88.8,89.4,89.9,90.3|23.7,25.5,27.4,28.7,31.1,33.0,35.4,36.8,40.3,42.0,43.6,45.1,46.0|21.5,23.5,25.5,26.8,29.4,31.4,33.8,35.2,38.8,40.7,42.3,43.9,44.8|1.1,1.4,1.8,2.1,3.2,4.8,6.5,7.5,9.9,11.7,13.3,14.8,16.1&chm=b,c3df9b,0,1,0|tFroyo,689326,1,0,15,,t::-5|b,b4db77,1,2,0|tGingerbread,547a19,2,0,15,,t::-5|b,a5db51,2,3,0|b,96dd28,3,4,0|tIce%20Cream%20Sandwich,293f07,4,0,15,,t::-5|b,83c916,4,5,0|tJelly%20Bean,131d02,5,9,15,,t::-5|B,6fad0c,5,6,0&chg=7,25&chdl=Eclair|Froyo|Gingerbread|Honeycomb|Ice%20Cream%20Sandwich|Jelly%20Bean&chco=add274,9dd14f,8ece2a,7ab61c,659b11,507d08"
/>
-<p><em>Last historical dataset collected during a 14-day period ending on February 1, 2013</em></p>
+<p><em>Last historical dataset collected during a 14-day period ending on March 1, 2013</em></p>
diff --git a/docs/html/distribute/googleplay/about/distribution.jd b/docs/html/distribute/googleplay/about/distribution.jd
index 78883b4..7d90426 100644
--- a/docs/html/distribute/googleplay/about/distribution.jd
+++ b/docs/html/distribute/googleplay/about/distribution.jd
@@ -75,24 +75,29 @@
Google Play Developer Console, you can list the supported devices and
even exclude specific devices if needed.</p>
-<h2 id="stats">Statistics for analyzing installs</h2>
+<h2 id="stats">Statistics for analyzing installs and ratings</h2>
<p>Once you’ve published your app, Google Play makes it easy to see how it’s
doing. The Google Play Developer Console gives you access to a variety
-of anonymized metrics that show your app’s installation performance measured by
-unique users and unique devices, across a variety of different dimensions such
-as country, Android version, device, country, carrier, and app version.</p>
+of anonymized statistics and custom charts that show you the app's installation
+performance and ratings.</p>
-<div style="border:1px solid #DDD;margin:1.5em;margin-left:8%;width:608px">
-<img src="{@docRoot}images/gp-dc-stats-mini.png"
-style="width:600px;padding:4px;margin-bottom:0;">
+<p>You can view data and charts for active, daily, and total installs
+per unique devices or users, as well as upgrades and uninstalls.
+You can also view the app's daily average user rating and its cumulative
+user rating. To help you analyze the data, you can view install
+and ratings statistics across a variety of different dimensions such as Android
+version, device, country, app version, and carrier.</p>
+
+<div class="figure-left">
+ <img src="{@docRoot}images/gp-dc-stats-mini.png" class="frame">
</div>
-<p>You can also view your installation data on timeline charts, for all metrics and
-dimensions. At a glance, these charts highlight your app’s installation peaks
-and longer-term trends, which you can correlate to promotions, app improvements,
-or other factors. You can even focus in on data inside a dimension by
-highlighting specific data points (such as individual platform versions or
-languages) on the timeline.</p>
+<p>You can see your app statistics on timeline charts, for
+all metrics and dimensions. At a glance, the charts highlight your app’s
+installation and ratings peaks and longer-term trends, which you can correlate
+to promotions, app improvements, or other factors. You can even focus in on
+data inside a dimension by highlighting specific data points (such as
+individual platform versions or languages) on the timeline.</p>
<p>So that you can “take your data with you”, you can download all of your
installation data as a CSV file for viewing in the business program of your
@@ -123,9 +128,22 @@
upload the expansion files, Google Play hosts them for free and handles the
download of the files as part of the normal APK installation.</p>
-<h2 id="licensing">Protecting your App</h2>
+<h2 id="licensing">Protecting your app</h2>
-<p>To help you protect your application against piracy, Google Play offers a
-licensing service that you can implement in your app. It’s a network-based
-service that lets an application query a trusted Google Play licensing server to
-determine whether the application is licensed to the current device user.</p>
+<p>Google Play provides two key features to help you protect your application
+against piracy — Google Play Licensing and app encryption.</p>
+
+<p> Google Play Licensing is a network-based service that you implement in your
+app. The service lets your app query a trusted licensing server at runtime, to
+determine whether the app is licensed to the current device user. You can use
+the licensing service to protect any app, even apps that you distribute for
+free. For an overview of the service, see <a
+href="{@docRoot}google/play/licensing/index.html">Application
+Licensing</a>.</p>
+
+<p>Additionally, Google Play offers app encryption to help protect your priced
+apps. When delivering your priced apps to devices running Android 4.1 or higher,
+Google encrypts the app binary so that it can be run only by the user who
+downloaded it, on the device to which it was originally downloaded. Your priced
+apps benefit from app encryption automatically — there's no extra
+development work or configuration needed.</p>
diff --git a/docs/html/distribute/googleplay/publish/console.jd b/docs/html/distribute/googleplay/publish/console.jd
index 069b2d2..0bf5e78 100644
--- a/docs/html/distribute/googleplay/publish/console.jd
+++ b/docs/html/distribute/googleplay/publish/console.jd
@@ -4,7 +4,7 @@
<p>Once you've <a
href="{@docRoot}distribute/googleplay/publish/register.html">registered</a> and
-received verification by email, you can sign in to your Google Play Android
+received verification by email, you can sign in to your Google Play
Developer Console, which will be the home for your app publishing operations and
tools on Google Play. This sections below introduce a few of the key areas
you'll find in the Developer Console.</p>
diff --git a/docs/html/distribute/googleplay/publish/preparing.jd b/docs/html/distribute/googleplay/publish/preparing.jd
index 0925f3c..416f02e 100644
--- a/docs/html/distribute/googleplay/publish/preparing.jd
+++ b/docs/html/distribute/googleplay/publish/preparing.jd
@@ -203,11 +203,19 @@
changes in your app binary, so you will need to make those changes before
creating your release-ready APK.</p>
+<p>To minimize the size of your app binary, make sure that you run the
+<a href="{@docRoot}tools/help/proguard.html">Proguard</a> tool on your code when
+building your release-ready APK.</p>
+
<table>
<tr>
<td><p>Related resources:</p>
<ul style="margin-top:-.5em;">
-<li><strong><a href="{@docRoot}google/play/expansion-files.html">APK Expansion Files</a></strong> — Developer documentation describing APK Expansion Files and how to support them in your app.</li>
+<li><strong><a href="{@docRoot}google/play/expansion-files.html">APK Expansion Files</a></strong>
+— Developer documentation describing APK Expansion Files and how to support them in your app.</li>
+<li><strong><a href="{@docRoot}tools/help/proguard.html">ProGuard</a></strong> — Developer
+documentation describing how to use ProGuard to shrink, optimize, and obfuscate your code prior
+to release.</li>
</ul>
</td>
</tr>
diff --git a/docs/html/google/play/billing/billing_reference.jd b/docs/html/google/play/billing/billing_reference.jd
index ae41521..1410e65 100755
--- a/docs/html/google/play/billing/billing_reference.jd
+++ b/docs/html/google/play/billing/billing_reference.jd
@@ -166,7 +166,7 @@
</tr>
<tr>
<td>{@code productId}</td>
- <td>The item's product identifier. Every item has a product ID, which you must specify in the application's product list on the Google Play publisher site.</td>
+ <td>The item's product identifier. Every item has a product ID, which you must specify in the application's product list on the Google Play Developer Console.</td>
</tr>
<tr>
<td>{@code purchaseTime}</td>
diff --git a/docs/html/google/play/billing/billing_testing.jd b/docs/html/google/play/billing/billing_testing.jd
index d84814d..8dcaa86 100755
--- a/docs/html/google/play/billing/billing_testing.jd
+++ b/docs/html/google/play/billing/billing_testing.jd
@@ -18,7 +18,7 @@
</div>
</div>
-<p>The Google Play publisher site provides several tools that help you test your In-app Billing
+<p>The Google Play Developer Console provides several tools that help you test your In-app Billing
implementation before it is published. You can use these tools to create test accounts and purchase
special reserved items that send static billing responses to your application.</p>
@@ -53,7 +53,7 @@
<p>You do not need to list the reserved products in your application's product list. Google Play
already knows about the reserved product IDs. Also, you do not need to upload your application to
-the publisher site to perform static response tests with the reserved product IDs. You can simply
+the Developer Console to perform static response tests with the reserved product IDs. You can simply
install your application on a device, log into the device, and make billing requests using the
reserved product IDs.</p>
@@ -199,7 +199,7 @@
testing.</p>
<p>To test your In-app Billing implementation with actual in-app purchases, you will need to
-register at least one test account on the Google Play publisher site. You cannot use your
+register at least one test account on the Google Play Developer Console. You cannot use your
developer account to test the complete in-app purchase process because Google Checkout does not let
you buy items from yourself. If you have not set up test accounts before, see <a
href="{@docRoot}google/play/billing/billing_admin.html#billing-testing-setup">Setting up test
@@ -216,7 +216,7 @@
<p>To test your In-app Billing implementation with actual purchases, follow these steps:</p>
<ol>
- <li><strong>Upload your application as a draft application to the publisher site.</strong>
+ <li><strong>Upload your application as a draft application to the Developer Console.</strong>
<p>You do not need to publish your application to perform end-to-end testing with real product
IDs; you only need to upload your application as a draft application. However, you must sign
your application with your release key before you upload it as a draft application. Also, the
diff --git a/docs/html/google/play/billing/v2/billing_integrate.jd b/docs/html/google/play/billing/v2/billing_integrate.jd
index c065ffb..defe265 100755
--- a/docs/html/google/play/billing/v2/billing_integrate.jd
+++ b/docs/html/google/play/billing/v2/billing_integrate.jd
@@ -204,7 +204,7 @@
<h3>Uploading the sample application</h3>
<p>After you build a release version of the sample application and sign it, you need to upload it as
-a draft to the Google Play publisher site. You also need to create a product list for the in-app
+a draft to the Google Play Developer Console. You also need to create a product list for the in-app
items that are available for purchase in the sample application. The following instructions show you
how to do this.</p>
<ol>
@@ -263,7 +263,7 @@
<li><strong>Make one of your test accounts the primary account on your device.</strong>
<p>The primary account on your device must be one of the <a
href="{@docRoot}google/play/billing/billing_admin.html#billing-testing-setup">test accounts</a>
- that you registered on the Google Play publisher site. If the primary account on your device is not a
+ that you registered on the Google Play Developer Console. If the primary account on your device is not a
test account, you must do a factory reset of the device and then sign in with one of your test
accounts. To perform a factory reset, do the following:</p>
<ol>
@@ -979,7 +979,7 @@
<p>To help ensure the integrity of the transaction information that is sent to your application,
Google Play signs the JSON string that is contained in the <code>PURCHASE_STATE_CHANGED</code>
broadcast intent. Google Play uses the private key that is associated with your publisher account
-to create this signature. The publisher site generates an RSA key pair for each publisher account.
+to create this signature. The Developer Console generates an RSA key pair for each publisher account.
You can find the public key portion of this key pair on your account's profile page. It is the same
public key that is used with Google Play licensing.</p>
diff --git a/docs/html/google/play/billing/v2/billing_reference.jd b/docs/html/google/play/billing/v2/billing_reference.jd
index fb35685..84576bc 100644
--- a/docs/html/google/play/billing/v2/billing_reference.jd
+++ b/docs/html/google/play/billing/v2/billing_reference.jd
@@ -143,7 +143,7 @@
<td>Required for <code>REQUEST_PURCHASE</code> requests.</td>
<td>The product ID of the item you are making a billing request for. Every in-app item that you
sell using Google Play's In-app Billing service must have a unique product ID, which you
- specify on the Google Play publisher site.</td>
+ specify on the Google Play Developer Console.</td>
</tr>
<tr>
<td><code>NONCE</code></td>
@@ -380,7 +380,7 @@
<tr>
<td>productId</td>
<td>The item's product identifier. Every item has a product ID, which you must specify in the
- application's product list on the Google Play publisher site.</td>
+ application's product list on the Google Play Developer Console.</td>
</tr>
<tr>
<td>purchaseTime</td>
diff --git a/docs/html/google/play/filters.jd b/docs/html/google/play/filters.jd
index eeb2215..6ab223c 100644
--- a/docs/html/google/play/filters.jd
+++ b/docs/html/google/play/filters.jd
@@ -192,7 +192,7 @@
Configuration: <br />
keyboard, navigation, touch screen</td>
<td valign="top"><p>An application can
- request certain hardware features, and Google Play will show the app only on devices that have the required hardware.</p>
+ request certain hardware features, and Google Play will show the app only on devices that have the required hardware.</p>
<p><strong>Example 1<br />
</strong>The manifest includes <code><uses-configuration android:reqFiveWayNav="true" /></code>, and a user is searching for apps on a device that does not have a five-way navigational control. <strong>Result</strong>: Google Play will not show the app to the user. </p>
<p><strong>Example 2<br />
@@ -394,17 +394,17 @@
determine the country based on IP.</p></li> <li><p>Carrier is determined based on
the device's SIM (for GSM devices), not the current roaming carrier.</p></li></ul>
</td> </tr> <tr>
- <td valign="top">Native Platform</td> <td valign="top"><p>An application that includes native
- libraries that target a specific platform (ARM EABI v7 or x86, for example) are
- visible only on devices that support that platform. For details about the NDK and using
+ <td valign="top" style="white-space:nowrap;">CPU Architecture (ABI)</td>
+ <td valign="top"><p>An application that includes native
+ libraries that target a specific CPU architecture (ARM EABI v7 or x86, for example) are
+ visible only on devices that support that architecture. For details about the NDK and using
native libraries, see <a href="{@docRoot}tools/sdk/ndk/index.html#overview">What is the
Android NDK?</a></p> </tr> <tr>
- <td valign="top">Copy-Protected Applications</td> <td valign="top"><p>To
- copy protect an application, set copy protection to "On" when you configure publishing
-options for your application. Google Play will not show copy-protected applications on
-developer devices or unreleased devices.</p></td> </tr> </table>
-
-
+ <td valign="top">Copy-Protected Applications</td> <td valign="top"><p class="caution">Google
+ Play no longer supports the Copy Protection feature in the Developer Console and no longer
+ filters apps based on it. To secure your app, please use <a href="{@docRoot}google/play/licensing/index.html">
+ Application Licensing</a> instead. See <a href="{@docRoot}google/play/licensing/overview.html#CopyProtection">
+ Replacement for Copy Protection</a> for more information.</p></td> </tr> </table>
<h2 id="MultiApks">Publishing Multiple APKs with Different Filters</h2>
@@ -434,9 +434,13 @@
<p>By using the <a href="{@docRoot}guide/topics/manifest/uses-sdk-element.html">{@code
<uses-sdk>}</a> element.</p>
</li>
+ <li>CPU Architecture (ABI)
+ <p>By including native libraries built with the <a href="{@docRoot}tools/sdk/ndk/index.html">Android
+ NDK</a> that target a specific CPU architecture (ARM EABI v7 or x86, for example).</p>
+ </li>
</ul>
-<p>All other filters still work the same as usual, but these three are the only filters that can
+<p>All other filters still work the same as usual, but these four are the only filters that can
distinguish one APK from another within the same application listing on Google Play. For example,
you <em>cannot</em> publish multiple APKs for the same application if the APKs differ only based on
whether the device has a camera.</p>
diff --git a/docs/html/google/play/licensing/adding-licensing.jd b/docs/html/google/play/licensing/adding-licensing.jd
index 8ecbe9e..f991e14 100644
--- a/docs/html/google/play/licensing/adding-licensing.jd
+++ b/docs/html/google/play/licensing/adding-licensing.jd
@@ -39,11 +39,7 @@
</li>
<li><a href="#impl-DeviceLimiter">Implementing a DeviceLimiter</a></li>
<li><a href="#app-obfuscation">Obfuscating Your Code</a></li>
- <li><a href="#app-publishing">Publishing a Licensed Application</a>
- <ol>
- <li><a href="#">Removing Copy Protection</a></li>
- </ol>
- </li>
+ <li><a href="#app-publishing">Publishing a Licensed Application</a></li>
<li><a href="#support">Where to Get Support</a></li>
</ol>
@@ -864,7 +860,7 @@
associated with a publisher account, the key pair is <em>not</em> the same as
the key that you use to sign your applications (or derived from it).</p>
-<p>The Google Play publisher site exposes the public key for licensing to any
+<p>The Google Play Developer Console exposes the public key for licensing to any
developer signed in to the publisher account, but it keeps the private key
hidden from all users in a secure location. When an application requests a
license check for an application published in your account, the licensing server
@@ -878,7 +874,7 @@
<ol>
<li>Go to the Google Play <a
-href="http://play.google.com/apps/publish">publisher site</a> and sign in.
+href="http://play.google.com/apps/publish">Developer Console</a> and sign in.
Make sure that you sign in to the account from which the application you are
licensing is published (or will be published). </li>
<li>In the account home page, locate the "Edit profile" link and click it. </li>
@@ -1003,14 +999,6 @@
href="{@docRoot}distribute/googleplay/publish/preparing.html">publish the application</a>.
</p>
-<h3>Removing Copy Protection</h3>
-
-<p>After uploading your licensed application, remember to remove copy protection
-from the application, if it is currently used. To check and remove copy
-protection, sign in to the publisher site and go the application's upload
-details page. In the Publishing options section, make sure that the Copy
-Protection radio button selection is "Off".</p>
-
<h2 id="support">Where to Get Support</h2>
diff --git a/docs/html/google/play/licensing/licensing-reference.jd b/docs/html/google/play/licensing/licensing-reference.jd
index 79c818c..4240097 100644
--- a/docs/html/google/play/licensing/licensing-reference.jd
+++ b/docs/html/google/play/licensing/licensing-reference.jd
@@ -233,7 +233,7 @@
href="{@docRoot}google/play/licensing/setting-up.html#test-env">
Setting Up The Testing Environment</a>, the response code can be manually
overridden for the application developer and any registered test users via the
-Google Play publisher site.
+Google Play Developer Console.
<br/><br/>
Additionally, as noted above, applications that are in draft mode (in other
words, applications that have been uploaded but have <em>never</em> been
diff --git a/docs/html/google/play/licensing/overview.jd b/docs/html/google/play/licensing/overview.jd
index 1123748..2434a4c 100644
--- a/docs/html/google/play/licensing/overview.jd
+++ b/docs/html/google/play/licensing/overview.jd
@@ -215,21 +215,15 @@
<p>Google Play Licensing is a flexible, secure mechanism for controlling
access to your applications. It effectively replaces the Copy Protection
-mechanism offered on Google Play and gives you wider distribution
-potential for your applications. </p>
+mechanism (no longer supported) that was previously offered on Google Play and
+gives you wider distribution potential for your applications. </p>
-<ul>
-<li>A limitation of the legacy Copy Protection mechanism on Google Play is
-that applications using it can be installed only on compatible devices that
-provide a secure internal storage environment. For example, a copy-protected
-application cannot be downloaded from Google Play to a device that provides root
-access, and the application cannot be installed to a device's SD card. </li>
-<li>With Google Play licensing, you can move to a license-based model in
-which access is not bound to the characteristics of the host device, but to your
-publisher account on Google Play and the licensing policy that you define.
-Your application can be installed and controlled on any compatible device on
-any storage, including SD card.</li>
-</ul>
+<p>Licensing lets you move to a license-based model that is enforceable on
+all devices that have access to Google Play. Access is not bound to the
+characteristics of the host device, but to your
+publisher account on Google Play (through the app's public key) and the
+licensing policy that you define. Your application can be installed and
+managed on any device on any storage, including SD card.</p>
<p>Although no license mechanism can completely prevent all unauthorized use,
the licensing service lets you control access for most types of normal usage,
diff --git a/docs/html/google/play/publishing/multiple-apks.jd b/docs/html/google/play/publishing/multiple-apks.jd
index fc9e0f9..64ddc10 100644
--- a/docs/html/google/play/publishing/multiple-apks.jd
+++ b/docs/html/google/play/publishing/multiple-apks.jd
@@ -103,7 +103,7 @@
<h2 id="Concepts">Publishing Concepts</h2>
<p>Before you start publishing multiple APKs on Google Play, you must understand a few
-concepts regarding how the Google Play publisher site works.</p>
+concepts regarding how the Google Play Developer Console works.</p>
<h3 id="Active">Active APKs</h3>
@@ -118,7 +118,7 @@
Active, making them available on Google Play. Also while your application is new
or unpublished, clicking <strong>Save</strong> will save any changes you've made, such
as information added to the Product details and APKs you've uploaded, but nothing is made visible on
-Google Play—this allows you to save your changes and sign out of the publisher site before
+Google Play—this allows you to save your changes and sign out of the Developer Console before
deciding to publish.</p>
<p>Once you've published your application, the first button changes to
<strong>Unpublish</strong>. Clicking it in this state unpublishes your application so that none
@@ -144,7 +144,7 @@
<h3 id="SimpleAndAdvanced">Simple mode and advanced mode</h3>
-<p>The Google Play publisher site provides two modes for managing the APKs associated with
+<p>The Google Play Developer Console provides two modes for managing the APKs associated with
your application: <em>simple mode</em> and <em>advanced mode</em>. You can switch between these by
clicking the
link at the top-right corner of the <strong>APK files</strong> tab.</p>
@@ -388,7 +388,7 @@
</ul>
-<p>Failure to abide by the above rules results in an error on the Google Play publisher site
+<p>Failure to abide by the above rules results in an error on the Google Play Developer Console
when you activate your APKs—you will be unable to publish your application until you
resolve the error.</p>
diff --git a/docs/html/guide/appendix/install-location.jd b/docs/html/guide/appendix/install-location.jd
deleted file mode 100644
index 50f6d27..0000000
--- a/docs/html/guide/appendix/install-location.jd
+++ /dev/null
@@ -1,206 +0,0 @@
-page.title=App Install Location
-@jd:body
-
-
-<div id="qv-wrapper">
-<div id="qv">
-
- <h2>Quickview</h2>
- <ul>
- <li>You can allow your application to install on the device's external storage.</li>
- <li>Some types of applications should <strong>not</strong> allow installation on the external
-storage.</li>
- <li>Installing on the external storage is ideal for large applications that are not tightly
-integrated with the system (most commonly, games).</li>
- </ul>
-
- <h2>In this document</h2>
- <ol>
- <li><a href="#Compatiblity">Backward Compatibility</a></li>
- <li><a href="#ShouldNot">Applications That Should NOT Install on External Storage</a></li>
- <li><a href="#Should">Applications That Should Install on External Storage</a></li>
- </ol>
-
- <h2>See also</h2>
- <ol>
- <li><code><a href="{@docRoot}guide/topics/manifest/manifest-element.html">
-<manifest></a></code></li>
- </ol>
-
-</div>
-</div>
-
-<p>Beginning with API Level 8, you can allow your application to be installed on the
-external storage (for example, the device's SD card). This is an optional feature you can declare
-for your application with the <a
-href="{@docRoot}guide/topics/manifest/manifest-element.html#install">{@code
-android:installLocation}</a> manifest attribute. If you do
-<em>not</em> declare this attribute, your application will be installed on the internal storage
-only and it cannot be moved to the external storage.</p>
-
-<p>To allow the system to install your application on the external storage, modify your
-manifest file to include the <a
-href="{@docRoot}guide/topics/manifest/manifest-element.html#install">{@code
-android:installLocation}</a> attribute in the <code><a
-href="{@docRoot}guide/topics/manifest/manifest-element.html"><manifest></a></code> element,
-with a value of either "{@code preferExternal}" or "{@code auto}". For example:</p>
-
-<pre>
-<manifest xmlns:android="http://schemas.android.com/apk/res/android"
- android:installLocation="preferExternal"
- ... >
-</pre>
-
-<p>If you declare "{@code preferExternal}", you request that your application be installed on the
-external storage, but the system does not guarantee that your application will be installed on
-the external storage. If the external storage is full, the system will install it on the internal
-storage. The user can also move your application between the two locations.</p>
-
-<p>If you declare "{@code auto}", you indicate that your application may be installed on the
-external storage, but you don't have a preference of install location. The system will
-decide where to install your application based on several factors. The user can also move your
-application between the two locations.</p>
-
-<p>When your application is installed on the external storage:</p>
-<ul>
- <li>There is no effect on the application performance so long
-as the external storage is mounted on the device.</li>
- <li>The {@code .apk} file is saved on the external storage, but all private user data,
-databases, optimized {@code .dex} files, and extracted native code are saved on the
-internal device memory.</li>
- <li>The unique container in which your application is stored is encrypted with a randomly
-generated key that can be decrypted only by the device that originally installed it. Thus, an
-application installed on an SD card works for only one device.</li>
- <li>The user can move your application to the internal storage through the system settings.</li>
-</ul>
-
-<p class="warning"><strong>Warning:</strong> When the user enables USB mass storage to share files
-with a computer or unmounts the SD card via the system settings, the external storage is unmounted
-from the device and all applications running on the external storage are immediately killed.</p>
-
-
-
-<h2 id="Compatiblity">Backward Compatibility</h2>
-
-<p>The ability for your application to install on the external storage is a feature available only
-on devices running API Level 8 (Android 2.2) or greater. Existing applications that were built prior
-to API Level 8 will always install on the internal storage and cannot be moved to the external
-storage (even on devices with API Level 8). However, if your application is designed to support an
-API Level <em>lower than</em> 8, you can choose to support this feature for devices with API Level 8
-or greater and still be compatible with devices using an API Level lower than 8.</p>
-
-<p>To allow installation on external storage and remain compatible with versions lower than API
-Level 8:</p>
-<ol>
- <li>Include the {@code android:installLocation} attribute with a value of "{@code auto}" or
-"{@code preferExternal}" in the <code><a
-href="{@docRoot}guide/topics/manifest/uses-sdk-element.html"><manifest></a></code>
-element.</li>
- <li>Leave your {@code android:minSdkVersion} attribute as is (something <em>less
-than</em> "8") and be certain that your application code uses only APIs compatible with that
-level.</li>
- <li>In order to compile your application, change your build target to API Level 8. This is
-necessary because older Android libraries don't understand the {@code android:installLocation}
-attribute and will not compile your application when it's present.</li>
-</ol>
-
-<p>When your application is installed on a device with an API Level lower than 8, the {@code
-android:installLocation} attribute is ignored and the application is installed on the internal
-storage.</p>
-
-<p class="caution"><strong>Caution:</strong> Although XML markup such as this will be ignored by
-older platforms, you must be careful not to use programming APIs introduced in API Level 8
-while your {@code minSdkVersion} is less than "8", unless you perform the work necessary to
-provide backward compatibility in your code. For information about building
-backward compatibility in your application code, see the <a
-href="{@docRoot}resources/articles/backward-compatibility.html">Backward Compatibility</a>
-article.</p>
-
-
-
-<h2 id="ShouldNot">Applications That Should NOT Install on External Storage</h2>
-
-<p>When the user enables USB mass storage to share files with their computer (or otherwise
-unmounts or removes the external storage), any application
-installed on the external storage and currently running is killed. The system effectively becomes
-unaware of the application until mass storage is disabled and the external storage is
-remounted on the device. Besides killing the application and making it unavailable to the user,
-this can break some types of applications in a more serious way. In order for your application to
-consistently behave as expected, you <strong>should not</strong> allow your application to be
-installed on the external storage if it uses any of the following features, due to the cited
-consequences when the external storage is unmounted:</p>
-
-<dl>
- <dt>Services</dt>
- <dd>Your running {@link android.app.Service} will be killed and will not be restarted when
-external storage is remounted. You can, however, register for the {@link
-android.content.Intent#ACTION_EXTERNAL_APPLICATIONS_AVAILABLE} broadcast Intent, which will notify
-your application when applications installed on external storage have become available to the
-system again. At which time, you can restart your Service.</dd>
- <dt>Alarm Services</dt>
- <dd>Your alarms registered with {@link android.app.AlarmManager} will be cancelled. You must
-manually re-register any alarms when external storage is remounted.</dd>
- <dt>Input Method Engines</dt>
- <dd>Your <a href="{@docRoot}resources/articles/on-screen-inputs.html">IME</a> will be
-replaced by the default IME. When external storage is remounted, the user can open system settings
-to enable your IME again.</dd>
- <dt>Live Wallpapers</dt>
- <dd>Your running <a href="{@docRoot}resources/articles/live-wallpapers.html">Live Wallpaper</a>
-will be replaced by the default Live Wallpaper. When external storage is remounted, the user can
-select your Live Wallpaper again.</dd>
- <dt>Live Folders</dt>
- <dd>Your <a href="{@docRoot}resources/articles/live-folders.html">Live Folder</a> will be
-removed from the home screen. When external storage is remounted, the user can add your Live Folder
-to the home screen again.</dd>
- <dt>App Widgets</dt>
- <dd>Your <a href="{@docRoot}guide/topics/appwidgets/index.html">App Widget</a> will be removed
-from the home screen. When external storage is remounted, your App Widget will <em>not</em> be
-available for the user to select until the system resets the home application (usually not until a
-system reboot).</dd>
- <dt>Account Managers</dt>
- <dd>Your accounts created with {@link android.accounts.AccountManager} will disappear until
-external storage is remounted.</dd>
- <dt>Sync Adapters</dt>
- <dd>Your {@link android.content.AbstractThreadedSyncAdapter} and all its sync functionality will
-not work until external storage is remounted.</dd>
- <dt>Device Administrators</dt>
- <dd>Your {@link android.app.admin.DeviceAdminReceiver} and all its admin capabilities will
-be disabled, which can have unforeseeable consequences for the device functionality, which may
-persist after external storage is remounted.</dd>
- <dt>Broadcast Receivers listening for "boot completed"</dt>
- <dd>The system delivers the {@link android.content.Intent#ACTION_BOOT_COMPLETED} broadcast
-before the external storage is mounted to the device. If your application is installed on the
-external storage, it can never receive this broadcast.</dd>
- <dt>Copy Protection</dt>
- <dd>Your application cannot be installed to a device's SD card if it uses Google Play's
- Copy Protection feature. However, if you use Google Play's
- <a href="{@docRoot}google/play/licensing.html">Application Licensing</a> instead, your
- application <em>can</em> be installed to internal or external storage, including SD cards.</dd>
-</dl>
-
-<p>If your application uses any of the features listed above, you <strong>should not</strong> allow
-your application to install on external storage. By default, the system <em>will not</em> allow your
-application to install on the external storage, so you don't need to worry about your existing
-applications. However, if you're certain that your application should never be installed on the
-external storage, then you should make this clear by declaring <a
-href="{@docRoot}guide/topics/manifest/manifest-element.html#install">{@code
-android:installLocation}</a> with a value of "{@code internalOnly}". Though this does not
-change the default behavior, it explicitly states that your application should only be installed
-on the internal storage and serves as a reminder to you and other developers that this decision has
-been made.</p>
-
-
-<h2 id="Should">Applications That Should Install on External Storage</h2>
-
-<p>In simple terms, anything that does not use the features listed in the previous section
-are safe when installed on external storage. Large games are more commonly the types of
-applications that should allow installation on external storage, because games don't typically
-provide additional services when inactive. When external storage becomes unavailable and a game
-process is killed, there should be no visible effect when the storage becomes available again and
-the user restarts the game (assuming that the game properly saved its state during the normal
-<a href="{@docRoot}guide/components/activities.html#Lifecycle">Activity lifecycle</a>).</p>
-
-<p>If your application requires several megabytes for the APK file, you should
-carefully consider whether to enable the application to install on the external storage so that
-users can preserve space on their internal storage.</p>
-
diff --git a/docs/html/guide/topics/data/install-location.jd b/docs/html/guide/topics/data/install-location.jd
index 061a2c0..757cd19 100644
--- a/docs/html/guide/topics/data/install-location.jd
+++ b/docs/html/guide/topics/data/install-location.jd
@@ -164,11 +164,6 @@
<dd>The system delivers the {@link android.content.Intent#ACTION_BOOT_COMPLETED} broadcast
before the external storage is mounted to the device. If your application is installed on the
external storage, it can never receive this broadcast.</dd>
- <dt>Copy Protection</dt>
- <dd>Your application cannot be installed to a device's SD card if it uses Google Play's
- Copy Protection feature. However, if you use Google Play's
- <a href="{@docRoot}google/play/licensing/index.html">Application Licensing</a> instead, your
- application <em>can</em> be installed to internal or external storage, including SD cards.</dd>
</dl>
<p>If your application uses any of the features listed above, you <strong>should not</strong> allow
diff --git a/docs/html/guide/topics/manifest/manifest-element.jd b/docs/html/guide/topics/manifest/manifest-element.jd
index fd9f203..cce951e 100644
--- a/docs/html/guide/topics/manifest/manifest-element.jd
+++ b/docs/html/guide/topics/manifest/manifest-element.jd
@@ -144,17 +144,11 @@
<td>"{@code preferExternal}"</td>
<td>The application prefers to be installed on the external storage (SD card). There is no
guarantee that the system will honor this request. The application might be installed on internal
-storage if the external media is unavailable or full, or if the application uses the forward-locking
-mechanism (not supported on external storage). Once installed, the user can move the application to
+storage if the external media is unavailable or full. Once installed, the user can move the application to
either internal or external storage through the system settings.</td>
</tr>
</table>
-<p class="caution"><strong>Caution:</strong> If your application uses Google Play's Copy
- Protection feature, it cannot be installed to a device's SD card. However, if you use Google
- Play's <a href="{@docRoot}google/play/licensing/index.html">Application Licensing</a> instead,
- your application <em>can</em> be installed to internal or external storage, including SD cards.</p>
-
<p class="note"><strong>Note:</strong> By default, your application will be installed on the
internal storage and cannot be installed on the external storage unless you define this attribute
to be either "{@code auto}" or "{@code preferExternal}".</p>
diff --git a/docs/html/guide/topics/manifest/supports-gl-texture-element.jd b/docs/html/guide/topics/manifest/supports-gl-texture-element.jd
index 65d3d40..fa39317 100644
--- a/docs/html/guide/topics/manifest/supports-gl-texture-element.jd
+++ b/docs/html/guide/topics/manifest/supports-gl-texture-element.jd
@@ -162,7 +162,7 @@
a device reports the formats it supports as read-only system properties.</li>
</ul>
-<p>Each time you upload an application to the Google Play publisher site,
+<p>Each time you upload an application to the Google Play Developer Console,
Google Play scans the application's manifest file and looks for any
<code><supports-gl-texture></code> elements. It extracts the
format descriptors from the elements and stores them internally as
diff --git a/docs/html/guide/topics/manifest/uses-feature-element.jd b/docs/html/guide/topics/manifest/uses-feature-element.jd
index 3d6f18b..21d152c 100644
--- a/docs/html/guide/topics/manifest/uses-feature-element.jd
+++ b/docs/html/guide/topics/manifest/uses-feature-element.jd
@@ -237,7 +237,7 @@
Store application then passes the features list up to Google Play
when establishing the session for the user.</p>
-<p>Each time you upload an application to the Google Play publisher site,
+<p>Each time you upload an application to the Google Play Developer Console,
Google Play scans the application's manifest file. It looks for
<code><uses-feature></code> elements and evaluates them in combination
with other elements, in some cases, such as <code><uses-sdk></code> and
diff --git a/docs/html/guide/topics/manifest/uses-sdk-element.jd b/docs/html/guide/topics/manifest/uses-sdk-element.jd
index f9e2785..3b3bb8f 100644
--- a/docs/html/guide/topics/manifest/uses-sdk-element.jd
+++ b/docs/html/guide/topics/manifest/uses-sdk-element.jd
@@ -26,14 +26,14 @@
</div>
</div>
-<div class="sidebox-wrapper">
+<div class="sidebox-wrapper">
<div class="sidebox">
- <img src="{@docRoot}assets/images/icon_play.png" style="float:left;margin:0;padding:0;">
- <p style="color:#669999;padding-top:1em;">Google Play Filtering</p>
+ <img src="{@docRoot}assets/images/icon_play.png" style="float:left;margin:0;padding:0;">
+ <p style="color:#669999;padding-top:1em;">Google Play Filtering</p>
<p style="padding-top:1em;">Google Play uses the <code><uses-sdk></code>
- attributes declared in your app manifest to filter your app from devices
+ attributes declared in your app manifest to filter your app from devices
that do not meet it's platform version requirements. Before setting these
- attributes, make sure that you understand
+ attributes, make sure that you understand
<a href="{@docRoot}google/play/filters.html">Google Play filters</a>. </p>
</div>
</div>
@@ -41,7 +41,7 @@
<dl class="xml">
<dt>syntax:</dt>
<dd><pre>
-<uses-sdk android:<a href="#min">minSdkVersion</a>="<i>integer</i>"
+<uses-sdk android:<a href="#min">minSdkVersion</a>="<i>integer</i>"
android:<a href="#target">targetSdkVersion</a>="<i>integer</i>"
android:<a href="#max">maxSdkVersion</a>="<i>integer</i>" /></pre></dd>
@@ -55,14 +55,14 @@
</p>
<p>Despite its name, this element is used to specify the API Level, <em>not</em>
-the version number of the SDK (software development kit) or Android platform.
+the version number of the SDK (software development kit) or Android platform.
The API Level is always a single integer. You cannot derive the API Level from
its associated Android version number (for example, it is not the same as the
major version or the sum of the major and minor versions).</p>
<p>Also read the document about
<a href="{@docRoot}tools/publishing/versioning.html">Versioning Your Applications</a>.
-</p></dd>
+</p></dd>
<dt>attributes:</dt>
@@ -117,8 +117,8 @@
</dd>
<dt><a name="max"></a>{@code android:maxSdkVersion}</dt>
- <dd>An integer designating the maximum API Level on which the application is
- designed to run.
+ <dd>An integer designating the maximum API Level on which the application is
+ designed to run.
<p>In Android 1.5, 1.6, 2.0, and 2.0.1, the system checks the value of this
attribute when installing an application and when re-validating the application
@@ -165,7 +165,7 @@
as a filter, however, when presenting users with applications available for
download. </div>
</dd>
-
+
</dl></dd>
@@ -217,7 +217,7 @@
<p>The framework API that an Android platform delivers is specified using an
integer identifier called "API Level". Each Android platform version supports
exactly one API Level, although support is implicit for all earlier API Levels
-(down to API Level 1). The initial release of the Android platform provided
+(down to API Level 1). The initial release of the Android platform provided
API Level 1 and subsequent releases have incremented the API Level.</p>
<p>The table below specifies the API Level supported by each version of the
@@ -227,8 +227,8 @@
<table>
<tr><th>Platform Version</th><th>API Level</th><th>VERSION_CODE</th><th>Notes</th></tr>
-
- <tr><td><a href="{@docRoot}about/versions/android-4.2.html">Android 4.2</a></td>
+
+ <tr><td><a href="{@docRoot}about/versions/android-4.2.html">Android 4.2, 4.2.2</a></td>
<td><a href="{@docRoot}sdk/api_diff/17/changes.html" title="Diff Report">17</a></td>
<td>{@link android.os.Build.VERSION_CODES#JELLY_BEAN_MR1}</td>
<td><a href="{@docRoot}about/versions/jelly-bean.html">Platform
@@ -250,70 +250,70 @@
<td><a href="{@docRoot}sdk/api_diff/14/changes.html" title="Diff Report">14</a></td>
<td>{@link android.os.Build.VERSION_CODES#ICE_CREAM_SANDWICH}</td>
</tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-3.2.html">Android 3.2</a></td>
<td><a href="{@docRoot}sdk/api_diff/13/changes.html" title="Diff Report">13</a></td>
<td>{@link android.os.Build.VERSION_CODES#HONEYCOMB_MR2}</td>
<td><!-- <a href="{@docRoot}about/versions/android-3.2-highlights.html">Platform
Highlights</a>--></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-3.1.html">Android 3.1.x</a></td>
<td><a href="{@docRoot}sdk/api_diff/12/changes.html" title="Diff Report">12</a></td>
<td>{@link android.os.Build.VERSION_CODES#HONEYCOMB_MR1}</td>
<td><a href="{@docRoot}about/versions/android-3.1-highlights.html">Platform Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-3.0.html">Android 3.0.x</td>
<td><a href="{@docRoot}sdk/api_diff/11/changes.html" title="Diff Report">11</a></td>
<td>{@link android.os.Build.VERSION_CODES#HONEYCOMB}</td>
<td><a href="{@docRoot}about/versions/android-3.0-highlights.html">Platform Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.3.3.html">Android 2.3.4<br>Android 2.3.3</td>
<td><a href="{@docRoot}sdk/api_diff/10/changes.html" title="Diff Report">10</a></td>
<td>{@link android.os.Build.VERSION_CODES#GINGERBREAD_MR1}</td>
<td rowspan="2"><a href="{@docRoot}about/versions/android-2.3-highlights.html">Platform
Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.3.html">Android 2.3.2<br>Android 2.3.1<br>Android
2.3</td>
<td><a href="{@docRoot}sdk/api_diff/9/changes.html" title="Diff Report">9</a></td>
<td>{@link android.os.Build.VERSION_CODES#GINGERBREAD}</td>
</tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.2.html">Android 2.2.x</td>
<td ><a href="{@docRoot}sdk/api_diff/8/changes.html" title="Diff Report">8</a></td>
<td>{@link android.os.Build.VERSION_CODES#FROYO}</td>
<td><a href="{@docRoot}about/versions/android-2.2-highlights.html">Platform Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.1.html">Android 2.1.x</td>
<td><a href="{@docRoot}sdk/api_diff/7/changes.html" title="Diff Report">7</a></td>
<td>{@link android.os.Build.VERSION_CODES#ECLAIR_MR1}</td>
<td rowspan="3" ><a href="{@docRoot}about/versions/android-2.0-highlights.html">Platform
Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.0.1.html">Android 2.0.1</td>
<td><a href="{@docRoot}sdk/api_diff/6/changes.html" title="Diff Report">6</a></td>
<td>{@link android.os.Build.VERSION_CODES#ECLAIR_0_1}</td>
</tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-2.0.html">Android 2.0</td>
<td><a href="{@docRoot}sdk/api_diff/5/changes.html" title="Diff Report">5</a></td>
<td>{@link android.os.Build.VERSION_CODES#ECLAIR}</td>
</tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-1.6.html">Android 1.6</td>
<td><a href="{@docRoot}sdk/api_diff/4/changes.html" title="Diff Report">4</a></td>
<td>{@link android.os.Build.VERSION_CODES#DONUT}</td>
<td><a href="{@docRoot}about/versions/android-1.6-highlights.html">Platform Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-1.5.html">Android 1.5</td>
<td><a href="{@docRoot}sdk/api_diff/3/changes.html" title="Diff Report">3</a></td>
<td>{@link android.os.Build.VERSION_CODES#CUPCAKE}</td>
<td><a href="{@docRoot}about/versions/android-1.5-highlights.html">Platform Highlights</a></td></tr>
-
+
<tr><td><a href="{@docRoot}about/versions/android-1.1.html">Android 1.1</td>
<td>2</td>
<td>{@link android.os.Build.VERSION_CODES#BASE_1_1}</td><td></td></tr>
-
+
<tr><td>Android 1.0</td>
<td>1</td>
<td>{@link android.os.Build.VERSION_CODES#BASE}</td>
@@ -324,10 +324,10 @@
<h2 id="uses">Uses of API Level in Android</h2>
<p>The API Level identifier serves a key role in ensuring the best possible
-experience for users and application developers:
+experience for users and application developers:
<ul>
-<li>It lets the Android platform describe the maximum framework API revision
+<li>It lets the Android platform describe the maximum framework API revision
that it supports</li>
<li>It lets applications describe the framework API revision that they
require</li>
@@ -349,7 +349,7 @@
<li><code>android:targetSdkVersion</code> — Specifies the API Level
on which the application is designed to run. In some cases, this allows the
application to use manifest elements or behaviors defined in the target
-API Level, rather than being restricted to using only those defined
+API Level, rather than being restricted to using only those defined
for the minimum API Level.</li>
<li><code>android:maxSdkVersion</code> — Specifies the maximum API Level
on which the application is able to run. <strong>Important:</strong> Please read the <a
@@ -375,7 +375,7 @@
must be less than or equal to the system's API Level integer. If not declared,
the system assumes that the application requires API Level 1. </li>
<li>If a <code>android:maxSdkVersion</code> attribute is declared, its value
-must be equal to or greater than the system's API Level integer.
+must be equal to or greater than the system's API Level integer.
If not declared, the system assumes that the application
has no maximum API Level. Please read the <a
href="{@docRoot}guide/topics/manifest/uses-sdk-element.html"><code><uses-sdk></code></a>
@@ -470,7 +470,7 @@
<p>When you are developing your application, you will need to choose
the platform version against which you will compile the application. In
general, you should compile your application against the lowest possible
-version of the platform that your application can support.
+version of the platform that your application can support.
<p>You can determine the lowest possible platform version by compiling the
application against successively lower build targets. After you determine the
@@ -513,7 +513,7 @@
located in the <sdk>/tools directory. You can launch the SDK updater by
executing <code>android sdk</code>. You can
also simply double-click the android.bat (Windows) or android (OS X/Linux) file.
-In ADT, you can also access the updater by selecting
+In ADT, you can also access the updater by selecting
<strong>Window</strong> > <strong>Android SDK
Manager</strong>.</p>
@@ -552,9 +552,9 @@
<h2 id="filtering">Filtering the Reference Documentation by API Level</h2>
<p>Reference documentation pages on the Android Developers site offer a "Filter
-by API Level" control in the top-right area of each page. You can use the
-control to show documentation only for parts of the API that are actually
-accessible to your application, based on the API Level that it specifies in
+by API Level" control in the top-right area of each page. You can use the
+control to show documentation only for parts of the API that are actually
+accessible to your application, based on the API Level that it specifies in
the <code>android:minSdkVersion</code> attribute of its manifest file. </p>
<p>To use filtering, select the checkbox to enable filtering, just below the
@@ -574,10 +574,10 @@
</p>
<p>Also note that the reference documentation for individual API elements
-specifies the API Level at which each element was introduced. The API Level
-for packages and classes is specified as "Since <api level>" at the
-top-right corner of the content area on each documentation page. The API Level
-for class members is specified in their detailed description headers,
+specifies the API Level at which each element was introduced. The API Level
+for packages and classes is specified as "Since <api level>" at the
+top-right corner of the content area on each documentation page. The API Level
+for class members is specified in their detailed description headers,
at the right margin. </p>
diff --git a/docs/html/guide/topics/providers/content-provider-basics.jd b/docs/html/guide/topics/providers/content-provider-basics.jd
index 527e713..199a671b 100644
--- a/docs/html/guide/topics/providers/content-provider-basics.jd
+++ b/docs/html/guide/topics/providers/content-provider-basics.jd
@@ -143,7 +143,7 @@
<p>
A content provider presents data to external applications as one or more tables that are
similar to the tables found in a relational database. A row represents an instance of some type
- of data the provider collects, and each row in the column represents an individual piece of
+ of data the provider collects, and each column in the row represents an individual piece of
data collected for an instance.
</p>
<p>
diff --git a/docs/html/reference/com/google/android/gms/common/Scopes.html b/docs/html/reference/com/google/android/gms/common/Scopes.html
index 847a613..07afe05 100644
--- a/docs/html/reference/com/google/android/gms/common/Scopes.html
+++ b/docs/html/reference/com/google/android/gms/common/Scopes.html
@@ -982,44 +982,6 @@
-
-<A NAME="GAMES"></A>
-
-<div class="jd-details api apilevel-">
- <h4 class="jd-details-title">
- <span class="normal">
- public
- static
- final
- String
- </span>
- GAMES
- </h4>
- <div class="api-level">
-
-
-
-
- </div>
- <div class="jd-details-descr">
-
- <div class="jd-tagdata jd-tagdescr"><p>Scope for accessing data from the games service. </p></div>
-
-
- <div class="jd-tagdata">
- <span class="jd-tagtitle">Constant Value: </span>
- <span>
-
- "https://www.googleapis.com/auth/games"
-
- </span>
- </div>
-
- </div>
-</div>
-
-
-
<A NAME="PLUS_LOGIN"></A>
<div class="jd-details api apilevel-">
diff --git a/docs/html/sdk/index.jd b/docs/html/sdk/index.jd
index 6307c69..315c977 100644
--- a/docs/html/sdk/index.jd
+++ b/docs/html/sdk/index.jd
@@ -4,25 +4,25 @@
page.metaDescription=Download the official Android SDK to develop apps for Android-powered devices.
-sdk.linux32_bundle_download=adt-bundle-linux-x86.zip
-sdk.linux32_bundle_bytes=418614971
-sdk.linux32_bundle_checksum=24506708af221a887326c2a9ca9625dc
+sdk.linux32_bundle_download=adt-bundle-linux-x86-20130219.zip
+sdk.linux32_bundle_bytes=418664018
+sdk.linux32_bundle_checksum=e56ebb5c8eb84eb3227cf7c255373f4b
-sdk.linux64_bundle_download=adt-bundle-linux-x86_64.zip
-sdk.linux64_bundle_bytes=418889835
-sdk.linux64_bundle_checksum=464c1fbe92ea293d6b2292c27af5066a
+sdk.linux64_bundle_download=adt-bundle-linux-x86_64-20130219.zip
+sdk.linux64_bundle_bytes=418939098
+sdk.linux64_bundle_checksum=90cb420934170787938d0477c1a83a7f
-sdk.mac64_bundle_download=adt-bundle-mac-x86_64.zip
-sdk.mac64_bundle_bytes=390649300
-sdk.mac64_bundle_checksum=f557bc61a4bff466633037839771bffb
+sdk.mac64_bundle_download=adt-bundle-mac-x86_64-20130219.zip
+sdk.mac64_bundle_bytes=390697025
+sdk.mac64_bundle_checksum=b768c28f380c1846479664c4790e9c53
-sdk.win32_bundle_download=adt-bundle-windows-x86.zip
-sdk.win32_bundle_bytes=425429957
-sdk.win32_bundle_checksum=cca97f12904774385a57d542e70a490f
+sdk.win32_bundle_download=adt-bundle-windows-x86-20130219.zip
+sdk.win32_bundle_bytes=425487608
+sdk.win32_bundle_checksum=4a40039f28048e6d7b2440adf55b8321
-sdk.win64_bundle_download=adt-bundle-windows-x86_64.zip
-sdk.win64_bundle_bytes=425553759
-sdk.win64_bundle_checksum=c51679f4517e1c3ddefa1e662bbf17f6
+sdk.win64_bundle_download=adt-bundle-windows-x86_64-20130219.zip
+sdk.win64_bundle_bytes=425611626
+sdk.win64_bundle_checksum=891f79816b4d19042faab26d670f4f77
diff --git a/docs/html/tools/device.jd b/docs/html/tools/device.jd
index cf7b63f..9bdaf47 100644
--- a/docs/html/tools/device.jd
+++ b/docs/html/tools/device.jd
@@ -213,6 +213,10 @@
<td><code>22b8</code></td>
</tr>
<tr>
+ <td>MTK</td>
+ <td><code>0e8d</code></td>
+ </tr>
+ <tr>
<td>NEC</td>
<td><code>0409</code></td>
</tr>
diff --git a/docs/html/tools/extras/oem-usb.jd b/docs/html/tools/extras/oem-usb.jd
index 9e3c709..774fe87 100644
--- a/docs/html/tools/extras/oem-usb.jd
+++ b/docs/html/tools/extras/oem-usb.jd
@@ -211,7 +211,7 @@
<h2 id="Drivers">OEM Drivers</h2>
<p class="note"><strong>Note:</strong> If your device is one of the Android Developer Phones
-(purchased from the Google Play publisher site), a Nexus One, or a Nexus S, then you need
+(purchased from the Google Play Developer Console), a Nexus One, or a Nexus S, then you need
the <a href="{@docRoot}sdk/win-usb.html">Google USB Driver</a>, instead of an OEM driver. The Galaxy
Nexus driver, however, is distributed by <a
href="http://www.samsung.com/us/support/downloads/verizon-wireless/SCH-I515MSAVZW">Samsung</a>
@@ -299,9 +299,14 @@
</tr>
<tr><td>LGE</td> <td><a
href="http://www.lg.com/us/mobile-phones/mobile-support/mobile-lg-mobile-phone-support.jsp">http://www.lg.com/us/mobile-phones/mobile-support/mobile-lg-mobile-phone-support.jsp</a></td>
-</tr><tr><td>Motorola</td> <td><a
+</tr>
+<tr><td>Motorola</td> <td><a
href="http://developer.motorola.com/docstools/USB_Drivers/">http://developer.motorola.com/docstools/USB_Drivers/</a></td>
-</tr><tr><td>Pantech</td> <td><a
+</tr>
+<tr><td>MTK</td> <td><a
+href="http://online.mediatek.com/Public%20Documents/MTK_Android_USB_Driver.zip">http://online.mediatek.com/Public%20Documents/MTK_Android_USB_Driver.zip</a></td>
+</tr>
+<tr><td>Pantech</td> <td><a
href="http://www.isky.co.kr/cs/software/software.sky?fromUrl=index">http://www.isky.co.kr/cs/software/software.sky?fromUrl=index</a></td>
</tr><tr><td>Pegatron</td> <td><a
href="http://www.pegatroncorp.com/download/New_Duke_PC_Driver_0705.zip">http://www.pegatroncorp.com/download/New_Duke_PC_Driver_0705.zip</a> (ZIP download)</td>
diff --git a/docs/html/tools/extras/support-library.jd b/docs/html/tools/extras/support-library.jd
index 08ac172..6475e3c 100644
--- a/docs/html/tools/extras/support-library.jd
+++ b/docs/html/tools/extras/support-library.jd
@@ -46,10 +46,33 @@
<p>The sections below provide notes about successive releases of
the Support Package, as denoted by revision number.</p>
-
<div class="toggle-content opened">
<p><a href="#" onclick="return toggleContent(this)">
<img src="{@docRoot}assets/images/triangle-opened.png" class="toggle-content-img" alt=""
+/>Support Package, revision 12</a> <em>(February 2013)</em>
+ </p>
+ <div class="toggle-content-toggleme">
+ <dl>
+ <dt>Changes for v4 support library:</dt>
+ <dd>
+ <ul>
+ <li>Improved interaction behavior for {@link android.support.v4.view.ViewPager}.</li>
+ <li>Fixed a bug that could cause {@link android.support.v4.view.ViewPager} to select the
+ wrong page.</li>
+ <li>Fixed use of {@link android.support.v4.view.ViewPager#removeView removeView()} method
+ during layout for {@link android.support.v4.view.ViewPager}.</li>
+ <li>Fixed issue with {@link android.support.v4.widget.SearchViewCompat} where using the
+ back button to dismiss does not clear the search text. This fix only applies to
+ host API levels 14 and higher.</li>
+ </ul>
+ </dd>
+ </dl>
+ </div>
+</div>
+
+<div class="toggle-content closed">
+ <p><a href="#" onclick="return toggleContent(this)">
+ <img src="{@docRoot}assets/images/triangle-closed.png" class="toggle-content-img" alt=""
/>Support Package, revision 11</a> <em>(November 2012)</em>
</p>
<div class="toggle-content-toggleme">
@@ -119,7 +142,7 @@
<dt>Changes for v4 support library:</dt>
<dd>
<ul>
- <li>Added support for notification features introduced in Android 4.1 (API Level 16) with
+ <li>Added support for notification features introduced in Android 4.1 (API level 16) with
additions to {@link android.support.v4.app.NotificationCompat}.</li>
</ul>
</dd>
@@ -210,7 +233,7 @@
<li>Fixed intent flags for {@link android.app.PendingIntent} objects generated
by {@link android.support.v4.app.TaskStackBuilder}.</li>
<li>Removed unused attributes from the gridlayout library projects to make sure
- the library can be built with API Level 7 and higher.</li>
+ the library can be built with API level 7 and higher.</li>
<li>Added {@code .classpath} and {@code .project} files for the gridlayout
library project.</li>
</ul>
diff --git a/docs/html/tools/revisions/platforms.jd b/docs/html/tools/revisions/platforms.jd
index c1bc185..31cec0e 100644
--- a/docs/html/tools/revisions/platforms.jd
+++ b/docs/html/tools/revisions/platforms.jd
@@ -44,11 +44,28 @@
SDK tools to revision 20 or later and restart the Android SDK Manager. If you do not,
the Android 4.2 system components will not be available for download.</p>
-
<div class="toggle-content opened">
<p><a href="#" onclick="return toggleContent(this)">
<img src="{@docRoot}assets/images/triangle-opened.png"
+class="toggle-content-img" alt="" />Revision 2</a> <em>(February 2013)</em>
+ </p>
+
+ <div class="toggle-content-toggleme">
+
+ <p>Maintenance update. The system version is 4.2.2.</p>
+ <dl>
+ <dt>Dependencies:</dt>
+ <dd>SDK Tools r21 or higher is required.</dd>
+ </dl>
+
+ </div>
+</div>
+
+<div class="toggle-content closed">
+
+ <p><a href="#" onclick="return toggleContent(this)">
+ <img src="{@docRoot}assets/images/triangle-closed.png"
class="toggle-content-img" alt="" />Revision 1</a> <em>(November 2012)</em>
</p>
diff --git a/docs/html/tools/sdk/eclipse-adt.jd b/docs/html/tools/sdk/eclipse-adt.jd
index 4adb7b2..a3f53bbe 100644
--- a/docs/html/tools/sdk/eclipse-adt.jd
+++ b/docs/html/tools/sdk/eclipse-adt.jd
@@ -69,7 +69,7 @@
<li>Java 1.6 or higher is required for ADT 21.1.0.</li>
<li>Eclipse Helios (Version 3.6.2) or higher is required for ADT 21.1.0.</li>
<li>ADT 21.1.0 is designed for use with <a href="{@docRoot}tools/sdk/tools-notes.html">SDK
- Tools r21.1.0</a>. If you haven't already installed SDK Tools r21.1.0 into your SDK, use the
+ Tools r21.1</a>. If you haven't already installed SDK Tools r21.1 into your SDK, use the
Android SDK Manager to do so.</li>
</ul>
</dd>
diff --git a/docs/html/tools/sdk/tools-notes.jd b/docs/html/tools/sdk/tools-notes.jd
index a5b7eee..7d121844 100644
--- a/docs/html/tools/sdk/tools-notes.jd
+++ b/docs/html/tools/sdk/tools-notes.jd
@@ -28,7 +28,7 @@
<div class="toggle-content opened">
<p><a href="#" onclick="return toggleContent(this)">
<img src="{@docRoot}assets/images/triangle-opened.png" class="toggle-content-img"
- alt=""/>SDK Tools, Revision 21.1.0</a> <em>(February 2013)</em>
+ alt=""/>SDK Tools, Revision 21.1</a> <em>(February 2013)</em>
</p>
<div class="toggle-content-toggleme">
@@ -38,7 +38,7 @@
<dd>
<ul>
<li>Android SDK Platform-tools revision 16 or later.</li>
- <li>If you are developing in Eclipse with ADT, note that the SDK Tools r21.1.0 is
+ <li>If you are developing in Eclipse with ADT, note that the SDK Tools r21.1 is
designed for use with ADT 21.1.0 and later. If you haven't already, update your
<a href="{@docRoot}tools/sdk/eclipse-adt.html">ADT Plugin</a> to 21.1.0.</li>
<li>If you are developing outside Eclipse, you must have
diff --git a/docs/html/training/articles/security-ssl.jd b/docs/html/training/articles/security-ssl.jd
new file mode 100644
index 0000000..9a6320b
--- /dev/null
+++ b/docs/html/training/articles/security-ssl.jd
@@ -0,0 +1,539 @@
+page.title=Security with HTTPS and SSL
+page.article=true
+@jd:body
+
+<div id="tb-wrapper">
+<div id="tb">
+<h2>In this document</h2>
+<ol class="nolist">
+ <li><a href="#Concepts">Concepts</a></li>
+ <li><a href="#HttpsExample">An HTTP Example</a></li>
+ <li><a href="#CommonProblems">Common Problems Verifying Server Certificates</a>
+ <ol class="nolist">
+ <li><a href="#UnknownCa">Unknown certificate authority</a></li>
+ <li><a href="#SelfSigned">Self-signed server certificate</a></li>
+ <li><a href="#MissingCa">Missing intermediate certificate authority</a></li>
+ </ol>
+ </li>
+ <li><a href="#CommonHostnameProbs">Common Problems with Hostname Verification</a></li>
+ <li><a href="#WarningsSslSocket">Warnings About Using SSLSocket Directly</a></li>
+ <li><a href="#Blacklisting">Blacklisting</a></li>
+ <li><a href="#Pinning">Pinning</a></li>
+ <li><a href="#ClientCert">Client Certificates</a></li>
+</ol>
+
+
+<h2>See also</h2>
+<ul>
+<li><a href="http://source.android.com/tech/security/index.html">Android
+Security Overview</a></li>
+<li><a href="{@docRoot}guide/topics/security/permissions.html">Permissions</a></li>
+</ul>
+</div></div>
+
+
+
+<p>The Secure Sockets Layer (SSL)—now technically known as <a
+href="http://en.wikipedia.org/wiki/Transport_Layer_Security">Transport Layer Security
+(TLS)</a>—is a
+common building block for encrypted communications between clients and servers. It's possible that
+an application might use SSL incorrectly such that malicious entities may
+be able to intercept an app's data over the network. To help you ensure that this does not happen
+to your app, this article highlights the common pitfalls when using secure network protocols and addresses some larger concerns about using <a
+href="http://en.wikipedia.org/wiki/Public-key_infrastructure">Public-Key Infrastructure (PKI)</a>.
+
+
+<h2 id="Concepts">Concepts</h2>
+
+<p>In a typical SSL usage scenario, a server is configured with a certificate containing a
+public key as well as a matching private key. As part of the handshake between an SSL client
+and server, the server proves it has the private key by signing its certificate with <a
+href="http://en.wikipedia.org/wiki/Public-key_cryptography">public-key cryptography</a>.</p>
+
+<p>However, anyone can generate their own certificate and private key, so a simple handshake
+doesn't prove anything about the server other than that the server knows the private key that
+matches the public key of the certificate. One way to solve this problem is to have the client
+have a set of one or more certificates it trusts. If the certificate is not in the set, the
+server is not to be trusted.</p>
+
+<p>There are several downsides to this simple approach. Servers should be able to
+upgrade to stronger keys over time ("key rotation"), which replaces the public key in the
+certificate with a new one. Unfortunately, now the client app has to be updated due to what
+is essentially a server configuration change. This is especially problematic if the server
+is not under the app developer's control, for example if it is a third party web service. This
+approach also has issues if the app has to talk to arbitrary servers such as a web browser or
+email app.</p>
+
+<p>In order to address these downsides, servers are typically configured with certificates
+from well known issuers called <a
+href="http://en.wikipedia.org/wiki/Certificate_authority">Certificate Authorities (CAs)</a>.
+The host platform generally contains a list of well known CAs that it trusts.
+As of Android 4.2 (Jelly Bean), Android currently contains over 100 CAs that are updated
+in each release. Similar to a server, a CA has a certificate and a private key. When issuing
+a certificate for a server, the CA <a
+href="http://en.wikipedia.org/wiki/Digital_signature">signs</a>
+the server certificate using its private key. The
+client can then verify that the server has a certificate issued by a CA known to the platform.</p>
+
+<p>However, while solving some problems, using CAs introduces another. Because the CA issues
+certificates for many servers, you still need some way to make sure you are talking to the
+server you want. To address this, the certificate issued by the CA identifies the server
+either with a specific name such as <em>gmail.com</em> or a wildcarded set of
+hosts such as <em>*.google.com</em>. </p>
+
+<p>The following example will make these concepts a little more concrete. In the snippet below
+from a command line, the <a href="http://www.openssl.org/docs/apps/openssl.html">{@code openssl}</a>
+tool's {@code s_client} command looks at Wikipedia's server certificate information. It
+specifies port 443 because that is the default for <acronym title="Hypertext Transfer
+Protocol Secure">HTTPS</acronym>. The command sends
+the output of {@code openssl s_client} to {@code openssl x509}, which formats information
+about certificates according to the <a
+href="http://en.wikipedia.org/wiki/X.509">X.509 standard</a>. Specifically,
+the command asks for the subject, which contains the server name information,
+and the issuer, which identifies the CA.</p>
+
+<pre class="no-pretty-print">
+$ openssl s_client -connect wikipedia.org:443 | openssl x509 -noout -subject -issuer
+<b>subject=</b> /serialNumber=sOrr2rKpMVP70Z6E9BT5reY008SJEdYv/C=US/O=*.wikipedia.org/OU=GT03314600/OU=See www.rapidssl.com/resources/cps (c)11/OU=Domain Control Validated - RapidSSL(R)/<b>CN=*.wikipedia.org</b>
+<b>issuer=</b> /C=US/O=GeoTrust, Inc./CN=<b>RapidSSL CA</b>
+</pre>
+
+<p>You can see that the certificate was issued for servers matching <em>*.wikipedia.org</em> by
+the RapidSSL CA.</p>
+
+
+
+<h2 id="HttpsExample">An HTTPS Example</h2>
+
+<p>Assuming you have a web server with a
+certificate issued by a well known CA, you can make a secure request with code as
+simple this:</p>
+
+<pre>
+URL url = new URL("https://wikipedia.org");
+URLConnection urlConnection = url.openConnection();
+InputStream in = urlConnection.getInputStream();
+copyInputStreamToOutputStream(in, System.out);
+</pre>
+
+<p>Yes, it really can be that simple. If you want to tailor the HTTP request, you can cast to
+an {@link java.net.HttpURLConnection}. The Android documentation for
+{@link java.net.HttpURLConnection} has further examples about how to deal with request
+and response headers, posting content, managing cookies, using proxies, caching responses,
+and so on. But in terms of the details for verifying certificates and hostnames, the Android
+framework takes care of it for you through these APIs.
+This is where you want to be if at all possible. That said, below are some other considerations.</p>
+
+
+
+<h2 id="CommonProblems">Common Problems Verifying Server Certificates</h2>
+
+<p>Suppose instead of receiving the content from {@link java.net.URLConnection#getInputStream
+getInputStream()}, it throws an exception:</p>
+
+<pre class="no-pretty-print">
+javax.net.ssl.SSLHandshakeException: java.security.cert.CertPathValidatorException: Trust anchor for certification path not found.
+ at org.apache.harmony.xnet.provider.jsse.OpenSSLSocketImpl.startHandshake(OpenSSLSocketImpl.java:374)
+ at libcore.net.http.HttpConnection.setupSecureSocket(HttpConnection.java:209)
+ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.makeSslConnection(HttpsURLConnectionImpl.java:478)
+ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:433)
+ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
+ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
+ at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:282)
+ at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:177)
+ at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
+</pre>
+
+<p>This can happen for several reasons, including:
+<ol>
+ <li><a href="#UnknownCa">The CA that issued the server certificate was unknown</a></li>
+ <li><a href="#SelfSigned">The server certificate wasn't signed by a CA, but was self signed</a></li>
+ <li><a href="#MissingCa">The server configuration is missing an intermediate CA</a></li>
+</ol>
+
+<p>The following sections discuss how to address these problems while keeping your
+connection to the server secure.
+
+
+
+<h3 id="UnknownCa">Unknown certificate authority</h3>
+
+<p>In this case, the {@link javax.net.ssl.SSLHandshakeException} occurs
+because you have a CA that isn't trusted by the system. It could be because
+you have a certificate from a new CA that isn't yet trusted by Android or your app is
+running on an older version without the CA. More often a CA is unknown because it isn't a
+public CA, but a private one issued by an organization such as a government, corporation,
+or education institution for their own use.</p>
+
+<p>Fortunately, you can teach {@link javax.net.ssl.HttpsURLConnection}
+to trust a specific set of CAs. The procedure
+can be a little convoluted, so below is an example that takes a specific CA from
+an {@link java.io.InputStream}, uses it to create a {@link java.security.KeyStore},
+which is then used to create and initialize a
+{@link javax.net.ssl.TrustManager}. A {@link javax.net.ssl.TrustManager} is what the system
+uses to validate certificates from the server
+and—by creating one from a {@link java.security.KeyStore} with one or more CAs—those
+will be the only CAs trusted by that {@link javax.net.ssl.TrustManager}.</p>
+
+<p>Given the new {@link javax.net.ssl.TrustManager},
+the example initializes a new {@link javax.net.ssl.SSLContext} which provides
+an {@link javax.net.ssl.SSLSocketFactory} you can use to override the default
+{@link javax.net.ssl.SSLSocketFactory} from
+{@link javax.net.ssl.HttpsURLConnection}. This way the
+connection will use your CAs for certificate validation.</p>
+
+<p>Here is the example in
+full using an organizational CA from the University of Washington:</p>
+
+<pre>
+// Load CAs from an InputStream
+// (could be from a resource or ByteArrayInputStream or ...)
+CertificateFactory cf = CertificateFactory.getInstance("X.509");
+// From https://www.washington.edu/itconnect/security/ca/load-der.crt
+InputStream caInput = new BufferedInputStream(new FileInputStream("load-der.crt"));
+Certificate ca;
+try {
+ ca = cf.generateCertificate(caInput);
+ System.out.println("ca=" + ((X509Certificate) ca).getSubjectDN());
+} finally {
+ caInput.close();
+}
+
+// Create a KeyStore containing our trusted CAs
+String keyStoreType = KeyStore.getDefaultType();
+KeyStore keyStore = KeyStore.getInstance(keyStoreType);
+keyStore.load(null, null);
+keyStore.setCertificateEntry("ca", ca);
+
+// Create a TrustManager that trusts the CAs in our KeyStore
+String tmfAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
+TrustManagerFactory tmf = TrustManagerFactory.getInstance(tmfAlgorithm);
+tmf.init(keyStore);
+
+// Create an SSLContext that uses our TrustManager
+SSLContext context = SSLContext.getInstance("TLS");
+context.init(null, tmf.getTrustManagers(), null);
+
+// Tell the URLConnection to use a SocketFactory from our SSLContext
+URL url = new URL("https://certs.cac.washington.edu/CAtest/");
+HttpsURLConnection urlConnection =
+ (HttpsURLConnection)url.openConnection();
+urlConnection.setSSLSocketFactory(context.getSocketFactory());
+InputStream in = urlConnection.getInputStream();
+copyInputStreamToOutputStream(in, System.out);
+</pre>
+
+<p>With a custom {@link javax.net.ssl.TrustManager} that knows about your CAs,
+the system is able to validate
+that your server certificate come from a trusted issuer.</p>
+
+<p class="caution"><strong>Caution:</strong>
+Many web sites describe a poor alternative solution which is to install a
+{@link javax.net.ssl.TrustManager} that does nothing. If you do this you might as well not
+be encrypting your communication, because anyone can attack your users at a public Wi-Fi hotspot
+by using <acronym title="Domain Name System">DNS</acronym> tricks to send your users'
+traffic through a proxy of their own that pretends to be your server. The attacker can then
+record passwords and other personal data. This works because the attacker can generate a
+certificate and—without a {@link javax.net.ssl.TrustManager} that actually
+validates that the certificate comes from a trusted
+source—your app could be talking to anyone. So don't do this, not even temporarily. You can
+always make your app trust the issuer of the server's certificate, so just do it.</p>
+
+
+
+<h3 id="SelfSigned">Self-signed server certificate</h3>
+
+<p>The second case of {@link javax.net.ssl.SSLHandshakeException} is
+due to a self-signed certificate, which means the server is behaving as its own CA.
+This is similar to an unknown certificate authority, so you can use the
+same approach from the previous section.</p>
+
+<p>You can create yout own {@link javax.net.ssl.TrustManager},
+this time trusting the server certificate directly. This has all of the
+downsides discussed earlier of tying your app directly to a certificate, but can be done
+securely. However, you should be careful to make sure your self-signed certificate has a
+reasonably strong key. As of 2012, a 2048-bit RSA signature with an exponent of 65537 expiring
+yearly is acceptable. When rotating keys, you should check for <a
+href="http://csrc.nist.gov/groups/ST/key_mgmt/index.html">recommendations</a> from an
+authority (such as <a href="http://www.nist.gov/">NIST</a>) about what is acceptable.</p>
+
+
+
+<h3 id="MissingCa">Missing intermediate certificate authority</h3>
+
+<p>The third case of {@link javax.net.ssl.SSLHandshakeException}
+occurs due to a missing intermediate CA. Most public
+CAs don't sign server certificates directly. Instead, they use their main CA certificate,
+referred to as the root CA, to sign intermediate CAs. They do this so the root CA can be stored
+offline to reduce risk of compromise. However, operating systems like Android typically
+trust only root CAs directly, which leaves a short gap of trust between the server
+certificate—signed by the intermediate CA—and the certificate verifier,
+which knows the root CA. To solve
+this, the server doesn't send the client only it's certificate during the SSL handshake, but
+a chain of certificates from the server CA through any intermediates necessary to reach a
+trusted root CA.</p>
+
+<p>To see what this looks like in practice, here's the <em>mail.google.com</em> certificate
+chain as viewed by the <a href="http://www.openssl.org/docs/apps/openssl.html">{@code openssl}</a>
+{@code s_client} command:</p>
+
+<pre class="no-pretty-print">
+$ openssl s_client -connect mail.google.com:443
+---
+Certificate chain
+ 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com
+ i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
+ 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
+ i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+---
+</pre>
+
+
+<p>This shows that the server sends a certificate for <em>mail.google.com</em>
+issued by the <em>Thawte SGC</em> CA, which is an intermediate CA, and a second certificate
+for the <em>Thawte SGC</em> CA issued by a <em>Verisign</em> CA, which is the primary CA that's
+trusted by Android.</p>
+
+<p>However, it is not uncommon to configure a server to not include the necessary
+intermediate CA. For example, here is a server that can cause an error in Android browsers and
+exceptions in Android apps:</p>
+
+<pre class="no-pretty-print">
+$ openssl s_client -connect egov.uscis.gov:443
+---
+Certificate chain
+ 0 s:/C=US/ST=District Of Columbia/L=Washington/O=U.S. Department of Homeland Security/OU=United States Citizenship and Immigration Services/OU=Terms of use at www.verisign.com/rpa (c)05/CN=egov.uscis.gov
+ i:/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 International Server CA - G3
+---
+</pre>
+
+<p>What is interesting to note here is that visiting this server in most desktop browsers
+does not cause an error like a completely unknown CA or self-signed server certificate would
+cause. This is because most desktop browsers cache trusted intermediate CAs over time. Once
+a browser has visited and learned about an intermediate CA from one site, it won't
+need to have the intermediate CA included in the certificate chain the next time.</p>
+
+<p>Some sites do this intentionally for secondary web servers used to serve resources. For
+example, they might have their main HTML page served by a server with a full certificate
+chain, but have servers for resources such as images, CSS, or JavaScript not include the
+CA, presumably to save bandwidth. Unfortunately, sometimes these servers might be providing
+a web service you are trying to call from your Android app, which is not as forgiving.</p>
+
+<p>There are two approaches to solve this issue:</p>
+<ul>
+ <li>Configure the server to
+ include the intermediate CA in the server chain. Most CAs provide documentation on how to do
+ this for all common web servers. This is the only approach if you need the site to work with
+ default Android browsers at least through Android 4.2.</li>
+ <li>Or, treat the
+ intermediate CA like any other unknown CA, and create a {@link javax.net.ssl.TrustManager}
+ to trust it directly, as done in the previous two sections.</li>
+</ul>
+
+
+<h2 id="CommonHostnameProbs">Common Problems with Hostname Verification</h2>
+
+<p>As mentioned at the beginning of this article,
+there are two key parts to verifying an SSL connection. The first
+is to verify the certificate is from a trusted source, which was the focus of the previous
+section. The focus of this section is the second part: making sure the server you are
+talking to presents the right certificate. When it doesn't, you'll typically see an error
+like this:</p>
+
+<pre class="no-pretty-print">
+java.io.IOException: Hostname 'example.com' was not verified
+ at libcore.net.http.HttpConnection.verifySecureSocketHostname(HttpConnection.java:223)
+ at libcore.net.http.HttpsURLConnectionImpl$HttpsEngine.connect(HttpsURLConnectionImpl.java:446)
+ at libcore.net.http.HttpEngine.sendSocketRequest(HttpEngine.java:290)
+ at libcore.net.http.HttpEngine.sendRequest(HttpEngine.java:240)
+ at libcore.net.http.HttpURLConnectionImpl.getResponse(HttpURLConnectionImpl.java:282)
+ at libcore.net.http.HttpURLConnectionImpl.getInputStream(HttpURLConnectionImpl.java:177)
+ at libcore.net.http.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:271)
+</pre>
+
+
+<p>One reason this can happen is due to a server configuration error. The server is
+configured with a certificate that does not have a subject or subject alternative name fields
+that match the server you are trying to reach. It is possible to have one certificate be used
+with many different servers. For example, looking at the <em>google.com</em> certificate with
+<a href="http://www.openssl.org/docs/apps/openssl.html">{@code openssl}</a> {@code
+s_client -connect google.com:443 | openssl x509 -text} you can see that a subject
+that supports <em>*.google.com</em> but also subject alternative names for <em>*.youtube.com</em>,
+<em>*.android.com</em>, and others. The error occurs only when the server name you
+are connecting to isn't listed by the certificate as acceptable.</p>
+
+<p>Unfortunately this can happen for another reason as well: <a
+href="http://en.wikipedia.org/wiki/Virtual_hosting">virtual hosting</a>. When sharing a
+server for more than one hostname with HTTP, the web server can tell from the HTTP/1.1 request
+which target hostname the client is looking for. Unfortunately this is complicated with
+HTTPS, because the server has to know which certificate to return before it sees the HTTP
+request. To address this problem, newer versions of SSL, specifically TLSv.1.0 and later,
+support <a href="http://en.wikipedia.org/wiki/Server_Name_Indication">Server Name Indication
+(SNI)</a>, which allows the SSL client to specify the intended
+hostname to the server so the proper certificate can be returned.</p>
+
+<p>Fortunately, {@link javax.net.ssl.HttpsURLConnection} supports
+SNI since Android 2.3. Unfortunately, Apache
+HTTP Client does not, which is one of the many reasons we discourage its use. One workaround
+if you need to support Android 2.2 (and older) or Apache HTTP Client is to set up an alternative
+virtual host on a unique port so that it's unambiguous which server certificate to return.</p>
+
+<p>The more drastic alternative is to replace {@link javax.net.ssl.HostnameVerifier}
+with one that uses not the
+hostname of your virtual host, but the one returned by the server by default.</p>
+
+<p class="caution"><strong>Caution:</strong> Replacing {@link javax.net.ssl.HostnameVerifier}
+can be <strong>very dangerous</strong> if the other virtual host is
+not under your control, because a man-in-the-middle attack could direct traffic to another
+server without your knowledge.</p>
+
+<p>If you are still sure you want to override hostname verification, here is an example
+that replaces the verifier for a single {@link java.net.URLConnection}
+with one that still verifies that the hostname is at least on expected by the app:</p>
+
+<pre>
+// Create an HostnameVerifier that hardwires the expected hostname.
+// Note that is different than the URL's hostname:
+// example.com versus example.org
+HostnameVerifier hostnameVerifier = new HostnameVerifier() {
+ @Override
+ public boolean verify(String hostname, SSLSession session) {
+ HostnameVerifier hv =
+ HttpsURLConnection.getDefaultHostnameVerifier();
+ return hv.verify("example.com", session);
+ }
+};
+
+// Tell the URLConnection to use our HostnameVerifier
+URL url = new URL("https://example.org/");
+HttpsURLConnection urlConnection =
+ (HttpsURLConnection)url.openConnection();
+urlConnection.setHostnameVerifier(hostnameVerifier);
+InputStream in = urlConnection.getInputStream();
+copyInputStreamToOutputStream(in, System.out);
+</pre>
+
+<p>But remember, if you find yourself replacing hostname verification, especially
+due to virtual hosting, it's still <strong>very dangerous</strong> if the other virtual host is
+not under your control and you should find an alternative hosting arrangement
+that avoids this issue.</p>
+
+
+
+
+<h2 id="WarningsSslSocket">Warnings About Using SSLSocket Directly</h2>
+
+<p>So far, the examples have focused on HTTPS using {@link javax.net.ssl.HttpsURLConnection}.
+Sometimes apps need to use SSL separate from HTTP. For example, an email app might use SSL variants
+of SMTP, POP3, or IMAP. In those cases, the app would want to use {@link javax.net.ssl.SSLSocket}
+directly, much the same way that {@link javax.net.ssl.HttpsURLConnection} does internally.</p>
+
+<p>The techniques described so
+far to deal with certificate verification issues also apply to {@link javax.net.ssl.SSLSocket}.
+In fact, when using a custom {@link javax.net.ssl.TrustManager}, what is passed to
+{@link javax.net.ssl.HttpsURLConnection} is an {@link javax.net.ssl.SSLSocketFactory}.
+So if you need to use a custom {@link javax.net.ssl.TrustManager} with an
+{@link javax.net.ssl.SSLSocket}, follow
+the same steps and use that {@link javax.net.ssl.SSLSocketFactory} to create your
+{@link javax.net.ssl.SSLSocket}.</p>
+
+<p class="caution"><strong>Caution:</strong>
+{@link javax.net.ssl.SSLSocket} <strong>does not</strong> perform hostname verification. It is
+up the your app to do its own hostname verification, preferably by calling {@link
+javax.net.ssl.HttpsURLConnection#getDefaultHostnameVerifier()} with the expected hostname. Further
+beware that {@link javax.net.ssl.HostnameVerifier#verify HostnameVerifier.verify()}
+doesn't throw an exception on error but instead returns a boolean result that you must
+explicitly check.</p>
+
+<p>Here is an example showing how you can do this. It shows that when connecting to
+<em>gmail.com</em> port 443 without SNI support, you'll receive a certificate for
+<em>mail.google.com</em>. This is expected in this case, so check to make sure that
+the certificate is indeed for <em>mail.google.com</em>:</p>
+
+<pre>
+// Open SSLSocket directly to gmail.com
+SocketFactory sf = SSLSocketFactory.getDefault();
+SSLSocket socket = (SSLSocket) sf.createSocket("gmail.com", 443);
+HostnameVerifier hv = HttpsURLConnection.getDefaultHostnameVerifier();
+SSLSession s = socket.getSession();
+
+// Verify that the certicate hostname is for mail.google.com
+// This is due to lack of SNI support in the current SSLSocket.
+if (!hv.verify("mail.google.com", s)) {
+ throw new SSLHandshakeException("Expected mail.google.com, "
+ "found " + s.getPeerPrincipal());
+}
+
+// At this point SSLSocket performed certificate verificaiton and
+// we have performed hostname verification, so it is safe to proceed.
+
+// ... use socket ...
+socket.close();
+</pre>
+
+
+
+<h2 id="Blacklisting">Blacklisting</h2>
+
+<p>SSL relies heavily on CAs to issue certificates to only the properly verified owners
+of servers and domains. In rare cases, CAs are either tricked or, in the case of <a
+href="http://en.wikipedia.org/wiki/Comodo_Group#Breach_of_security">Comodo</a> or <a
+href="http://en.wikipedia.org/wiki/DigiNotar">DigiNotar</a>, breached,
+resulting in the certificates for a hostname to be issued to
+someone other than the owner of the server or domain.</p>
+
+<p>In order to mitigate this risk, Android has the ability to blacklist certain certificates or even
+whole CAs. While this list was historically built into the operating system, starting in
+Android 4.2 this list can be remotely updated to deal with future compromises.</p>
+
+
+
+<h2 id="Pinning">Pinning</h2>
+
+<p>An app can further protect itself from fraudulently issued certificates by a
+technique known as pinning. This is basically using the example provided in the unknown CA case
+above to restrict an app's trusted CAs to a small set known to be used by the app's servers. This
+prevents the compromise of one of the other 100+ CAs in the system from resulting in a breach of
+the apps secure channel.</p>
+
+
+
+<h2 id="ClientCert">Client Certificates</h2>
+
+<p>This article has focused on the user of SSL to secure communications with servers. SSL also
+supports the notion of client certificates that allow the server to validate the identity of a
+client. While beyond the scope of this article, the techniques involved are similar to specifying
+a custom {@link javax.net.ssl.TrustManager}.
+See the discussion about creating a custom {@link javax.net.ssl.KeyManager} in the documentation for
+{@link javax.net.ssl.HttpsURLConnection}.</p>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/docs/html/training/training_toc.cs b/docs/html/training/training_toc.cs
index 9518046..79980be 100644
--- a/docs/html/training/training_toc.cs
+++ b/docs/html/training/training_toc.cs
@@ -1069,6 +1069,13 @@
"How to perform various tasks and keep your app's data and your user's data secure."
>Security Tips</a>
</li>
+
+ <li>
+ <a href="<?cs var:toroot ?>training/articles/security-ssl.html"
+ description=
+ "How to ensure that your app is secure when performing network transactions."
+ >Security with HTTPS and SSL</a>
+ </li>
<li class="nav-section">
<div class="nav-section-header">
diff --git a/graphics/java/android/graphics/BitmapFactory.java b/graphics/java/android/graphics/BitmapFactory.java
index 381e65b..c2cd34b 100644
--- a/graphics/java/android/graphics/BitmapFactory.java
+++ b/graphics/java/android/graphics/BitmapFactory.java
@@ -88,9 +88,8 @@
* pixel in the decoded bitmap. For example, inSampleSize == 4 returns
* an image that is 1/4 the width/height of the original, and 1/16 the
* number of pixels. Any value <= 1 is treated the same as 1. Note: the
- * decoder will try to fulfill this request, but the resulting bitmap
- * may have different dimensions that precisely what has been requested.
- * Also, powers of 2 are often faster/easier for the decoder to honor.
+ * decoder uses a final value based on powers of 2, any other value will
+ * be rounded down to the nearest power of 2.
*/
public int inSampleSize;