You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While troubleshooting another issue that I may post about shortly, I discovered that Megalodon will always sign back in to my account when I reinstall it. This occurs regardless of what I do prior to reinstalling it.
I have tried:
Log out before uninstalling
Log out and clear app data in Android settings before uninstalling
Log out, clear data, then restart the phone before uninstalling
Log out, clear data, then restart the phone after uninstalling but before reinstalling
All of the above will not prevent the app from automatically signing back in after being reinstalled.
However, when the app restarts, it gives the error "The access token was revoked" and won't let you post any toots, so I guess that's one good thing. But my point is that a newly reinstalled app shouldn't sign into anything automatically, especially after having its data cleared.
I did also notice that the uninstallation takes a fraction of the time that the install takes. Not sure if this is related.
To reproduce
Steps to reproduce the behavior:
Log out of Megalodon
Clear app data in Android
Uninstall Megalodon
Open the app and be automatically signed in.
Does this happen in the official app?
Does this issue also occur with the respective upstream release?
No (Mastodon Play Store latest)
Screenshots and screen recordings
(Apologies for compression issues. The video was 47MB but GitHub only allows up to 10MB.)
Leah96xxx
changed the title
[SECURITY BUG] Megalodon will always sign back in after reinstall, even after logging out and clearing data first
[SECURITY BUG] Megalodon will always partially sign back in after reinstall, even after logging out and clearing data first
Jan 13, 2024
From what I understand, this behaviour is from Google saving and restoring app settings, and I have seen it do it even for apps that weren't installed from Google Play. Is it really megalodon "bug"?
From what I understand, this behaviour is from Google saving and restoring app settings, and I have seen it do it even for apps that weren't installed from Google Play. Is it really megalodon "bug"?
Describe the bug
While troubleshooting another issue that I may post about shortly, I discovered that Megalodon will always sign back in to my account when I reinstall it. This occurs regardless of what I do prior to reinstalling it.
I have tried:
All of the above will not prevent the app from automatically signing back in after being reinstalled.
However, when the app restarts, it gives the error "The access token was revoked" and won't let you post any toots, so I guess that's one good thing. But my point is that a newly reinstalled app shouldn't sign into anything automatically, especially after having its data cleared.
I did also notice that the uninstallation takes a fraction of the time that the install takes. Not sure if this is related.
To reproduce
Steps to reproduce the behavior:
Does this happen in the official app?
Does this issue also occur with the respective upstream release?
No (Mastodon Play Store latest)
Screenshots and screen recordings
(Apologies for compression issues. The video was 47MB but GitHub only allows up to 10MB.)
Screen_Recording_20240113_122508_Google.Play.Store.mp4
Version
Megalodon version: 2.1.6+fork.110 (110) (Play Store latest)
Crash log
N/A
The text was updated successfully, but these errors were encountered: