Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Don't prevent download for APK files (currently labeled a 'dangerous' file) #5142

Closed
1 task done
gabrc52 opened this issue Mar 31, 2021 · 6 comments
Closed
1 task done

Don't prevent download for APK files (currently labeled a 'dangerous' file) #5142

gabrc52 opened this issue Mar 31, 2021 · 6 comments
Labels
Feature Request stale

Comments

@gabrc52
Copy link

gabrc52 commented Mar 31, 2021

  • I have searched open and closed issues for duplicates

Bug Description

Signal refuses to download an APK file (Android package) on desktop.

Steps to Reproduce

  1. Send yourself an APK from a phone
  2. Try to download it

Actual Result:

Signal refuses to download the APK file saying "Attachment type not allowed for security reasons"

Expected Result:

It gets downloaded.

Screenshots

image

Platform Info

Signal Version: Signal Desktop v1.40.1

Operating System: Fedora

Linked Device Version: Signal 5.5.5

Link to Debug Log

Nothing relevant in the log.

Additional information

Probably a fault in the code that checks for malicious files like EXEs.

APKs are not malicious on a computer, and on Android it does let me download the file (but not directly open it). That makes sense since someone knowledgeable enough to use a file manager knows that an APK is potentially dangerous, and this doesn't just prevent the user from opening (installer) the file if they really want to. On the contrary, refusing to download APK on the computer doesn't make sense, especially since they aren't malicious unless the computer has an emulator.

I will download the APK I received from my phone then send it to me using KDE connect or another messaging service to workaround this bug.
@hiqua
Copy link
Contributor

hiqua commented Apr 1, 2021

Duplicate: #3849

@gabrc52
Copy link
Author

gabrc52 commented Apr 1, 2021
edited
Loading

It is not a duplicate, #3849 is arguing against a built-in protection feature, but APKs are a different file type, which is not malicious on the computer so they shouldn't be blocked from getting downloaded in the first place, especially with the Android version letting you download them but the desktop version not letting you.

@gabrc52 gabrc52 mentioned this issue Apr 1, 2021
Closed
1 task
@scottnonnenberg-signal scottnonnenberg-signal changed the title Can't download APK Don't prevent download for APK files (currently labeled a 'dangerous' file) Apr 2, 2021
@Energiereaktor
Copy link

Currently there is a workaround for this by renaming the file to something different than *.apk and after the download naming it back to the original file name.

@stale
Copy link

stale bot commented Sep 23, 2021

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Sep 23, 2021
@josh-signal josh-signal mentioned this issue Sep 29, 2021
Closed
@btTeddy
Copy link

btTeddy commented Jan 31, 2023

This is really pointless feature since Signal users are slightly different target then Messenger

@ghost
Copy link

ghost commented Jun 8, 2024

@gabrc52 Patch available here (Linux only though).

@FXZFun FXZFun mentioned this issue Jul 15, 2024
Closed
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Feature Request stale
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Allow file attachments of any type FXZFun/Signal-Desktop
6 participants
@hiqua @gabrc52 @scottnonnenberg-signal @automated-signal @Energiereaktor @btTeddy