So I just tried to update a long-standing Unity built game on the Play Store but received a rejection mail back from Google as follows :
Intent Redirection - Your app(s) are vulnerable to Intent Redirection.
They offer a link with 3 separate remedies
TBH, The only option I understand here is no.1 (change androidexported to false on the manifest) but looking at this it seems that Google Play services need this in order to sign in.
I have included what I believe to be the offending lines of code from the manifest below.
Also, the mail from Google said I should find more information in 'alerts' in the developer console but there are no messages there.
I am not especially technical so any help greatly appreciated.
<service
android:name="com.google.android.gms.auth.api.signin.RevocationBoundService"
android:exported="true"
android:permission="com.google.android.gms.auth.api.signin.permission.REVOCATION_NOTIFICATION" />
