minvws / nl-covid19-coronacheck-app-android Goto Github PK
View Code? Open in Web Editor NEWLicense: European Union Public License 1.2
License: European Union Public License 1.2
The change in DIGI_D_REDIRECT_URI
(from coronacheck://auth/login
to https://coronacheck.nl/app/auth
) doesn't work with some browsers (like the lineageOS stock browser) that don't support opening http(s) links in other applications.
Clicking on the "open in app" button in the web page just opens the link in the same browser window, making it impossible to finish adding the certificate after the DigiD login was successful.
Changing the "open supported links" setting for CoronaCheck to "allow app to open supported links" doesn't help.
The old non-http(s) link used in older versions of CoronaCheck works fine.
In the android in-app onboarding there is a text highlighting stuff in the privacy statement. The bold text is "er worden geen locatiegegevens gebruikt of bewaard". Since the highlighted text is what users see first and "gebruikt of bewaard" does not convey any info by itself, maybe the text can be changed to "er worden geen locatiegegevens gebruikt of bewaard".
Hi,
This is probably the wrong place, but I could not find any contact information on here and I can't dm anyone either.
Somewhere last week we noticed the check app for Android had a bug with logging in with DigiD when using sms controle. The browser would hang on the confirmation screen and not continue to the app, only when using Chrome as the browser.
Apparently you guys fixed this somewhere as now it's working fine.
We have the exact same bug on production but can't figure it out, and I can't find anything in your commits as to how it has been fixed. Any chance you guys can tell me how you fixed it?
Especially with elderly couples, but also small children, not all people own a personal smartphone.
If the Coronacheck app would support multiple personas, QR-codes for a partner or child could be included and all could participate in social life using a single phone.
App crashes when you tap on text in the "Make QR code" view.
E.g. on "This app makes a QR code in three steps"
Steps to reproduce the behavior:
Nothing
No screenshots possible.
Smartphone (please complete the following information):
java.util.NoSuchElementException: Array is empty.
at kotlin.collections.ArraysKt___ArraysKt.first(_Arrays.kt:1013)
at nl.rijksoverheid.ctr.design.views.HtmlTextViewWidget.dispatchPopulateAccessibilityEvent(HtmlTextView.kt:163)
at android.view.View.sendAccessibilityEventUncheckedInternal(View.java:8061)
at android.view.View.sendAccessibilityEventUnchecked(View.java:8038)
at android.widget.TextView.sendAccessibilityEventUnchecked(TextView.java:12068)
at android.view.View.sendAccessibilityEventInternal(View.java:8015)
at android.widget.TextView.sendAccessibilityEventInternal(TextView.java:12057)
at android.view.View.sendAccessibilityEvent(View.java:7979)
at android.view.View.performClick(View.java:7191)
at android.view.View.performClickInternal(View.java:7162)
at android.view.View.access$3500(View.java:819)
at android.view.View$PerformClick.run(View.java:27684)
at android.os.Handler.handleCallback(Handler.java:883)
at android.os.Handler.dispatchMessage(Handler.java:100)
at android.os.Looper.loop(Looper.java:224)
at android.app.ActivityThread.main(ActivityThread.java:7562)
at java.lang.reflect.Method.invoke(Native Method)
at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:539)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:950)
To make use of Android Enterprise recommended devices there is a need to be able to implement and use 2D barcode Imagers which are inplemented in these devices.
To make this possible, an intent broadcast receiver needs to be added to the QrCodeScannerFragment. Android Enterprise devices such as Zebra Technologie's Mobile Devices TC2X, TC5x, TC7x as well as the ET5x series (all running on Android Enterprise) are capable of sending an broadcast intent with additional information as soon as a QR Barcode gets scanned with the integrated imager. (no use of camera). This makes the barcode scanning procedure more flexibele as these imager are build for barcode scanning purposes.
As often Android Enterprise devices are used within the Events business, an integration of 2D imagers is a must have.
Besides using the integrated barcode imager, also BlueTooth enabled ringscanners can be used to scan the QR Barcode. Same mechnisme is being used to send the QR Barcode content for validation.
Sample code on how to implement can be provided. We have used these source files to test and implement the Zebra 2D Imagers being used at the TC2x, TC5x, TC7x and ET5x series.
Steps to reproduce the behavior:
A clear and concise description of what you expected to happen.
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Add any other context about the problem here.
The Android app shows a warning when the time of the device is not in sync with actual current time. It suggests to set the device to automatic time sync, however even with that option turned on the clock of a device might still drift. If the clock is already set to automatic, there's really nothing much a user can do.
Instead, the app should pass on the observed clock skew (as observed in ClockDeviationUseCase
) to the mobile core library that generates the QR code. To make this possible I filed minvws/nl-covid19-coronacheck-idemix#1.
While inspecting the code which sets up OkHttp client, I saw you use TrustManager to set a list of trusted CAs.
But you are not using CertificatePinner. Both things are described here: https://square.github.io/okhttp/https/
You are using the bottom section, but not the middle one (Certificate Pinning).
More description about it is here: https://square.github.io/okhttp/4.x/okhttp/okhttp3/-certificate-pinner/
Pinning host certificates with their associated hostnames instead of whole CAs will make it more secure.
A clear and concise description of what the bug, issue or concern is is.
Voor de ontwikkeling van een contactloze QR scanner zuil die bij ingang van horeca/winkels zal staan is het voor ons een requirement om de corona QR codes te scannen met een externe camera/scanner. Het is ons niet gelukt om dit voor elkaar te krijgen in de huidige app, mede omdat android het nu niet meer toelaat om standaard een externe camera te gebruiken in apps. Mijn vraag is of dit op een manier mogelijk is momenteel in de huidige versie van de corona scanner? En zo niet, wanneer kan ik een update verwachten die dit wel mogelijk maakt?
Smartphone (please complete the following information):
Android 11
Samsung A52
Ik denk persoonlijk dat dit een hele belangrijke ontwikkeling is voor de app.
The app seems to crash on startup consistently, happens every time I try to open the app. the app only seems to show the opening screen but doesn't get further in.
Steps to reproduce the behaviour:
The device in question is a:
Poco F2 Pro (Redmi k30 pro) running an android 11 based ROM, SafetyNet seems to pass basic.
Tried multiple versions of the os, including restarts etc.
Seems to be the only app with this issue encountered so far.
Added logs below:
device_info.txt
logcat.txt
The current download is configured for acc, how to configure it for prod?
Config seems to be missing in productFlavors and other config files?
Steps to reproduce the behavior:
Some comments in the code on how to configure for building for prod environment.
none.
Desktop (please complete the following information):
Smartphone (please complete the following information):
n.a.
none.
A clear and concise description of what the bug, issue or concern is is.
App chooses its language by the OS's preference. This may not be desired. Only by re-installing the app from Play Store, after changing OS language, does the app display correctly.
E.g.
Steps to reproduce the behavior:
Language changes along with system language and allows override from a menu
Smartphone (please complete the following information):
App data was cleared before reinstalling, which confirmed the app's behaviour for me.
After having 2 vaccins (or 1 with Janssen), the NL QR code only appears after 14 days. There is a clear message that you have to wait x days. When you change your telephone date to +14 days from now, the QR code appears directly. This should not be possible to prevent fraudulent behaviour with the QR code.
Steps to reproduce the behavior:
I expect that the countdown from the last vaccin is not using the phone system time. A different method should be used for the countdown of 14 days.
Smartphone (please complete the following information):
Hi! I think app shortcuts for the QR code and the scanner screen would be useful for users. If this makes sense for you too, I can develop the feature.
First I received a single dose of pfizer, which was considered my final dose as I had COVID last year. Since this was thus considered my last dose, I received a valid QR in the app. This week, because several reasons I opted to also get the 2nd shot of pfizer. Both shots are now considered the last dose of my vaccination according to the app ("is this the last dose of your vaccination? yes). The app now takes the most recent dose for the QR and now I'm unable to generate a QR.
My first dose was on the 28th of june, and the 2nd dose was on the 4th of august.
E.g.
Steps to reproduce the behavior:
Since I received my actual last dose already on june 28th, I should be able to generate a valid QR, regardless of any (booster) shots received after.
Smartphone (please complete the following information):
I have received my Pfizer vaccination. Due to an earlier infection with covid, I only had to get one vaccine. (presumably) because of this, I can only create an international certificate, not a national one.
I'd like to add to that that the official minvws twitter account has stated that this bug has been fixed, but it has in fact not been fixed yet.
I think this might in part be related to the fixes in #28, but that is just speculation.
Because I only needed one vaccine, the app should make a certificate for me. Unfortunately, it does not. I only get an international vaccine.
I can't really, the app does not allow screenshots.
Smartphone (please complete the following information):
Before making my certificate, it shows two vaccinations. Confused, but it seems to be the same vaccine.
Gradle currently throws the following warning, because an obsolete API is used:
> Configure project :api
WARNING: API 'BaseVariant.getApplicationIdTextResource' is obsolete and has been replaced with 'VariantProperties.applicationId'.
It will be removed in version 5.0 of the Android Gradle plugin.
For more information, see TBD.
To determine what is calling BaseVariant.getApplicationIdTextResource, use -Pandroid.debug.obsoleteApi=true on the command line to display more information.
Steps to reproduce the behavior:
--warning-mode=all
Building with Gradle with --warning-mode=fail
should pass.
With the current version of the scanner app on Honeywell (Android Enterprise) Handheld Devices the camera is opened/launched to scan the QR barcode. For our customers it would be more ergonomic and more efficient (faster) if we could use the integrated 2D imager..
Could you please advice who to contact to explore the possibilities to include/embed scanner support for our handheld devices?
Of course we are happy to help/assist and/or provide you with all the necessary documentation and test hardware to support the development/implementation..
Many thanks in advance,
Eddie Schrikenberg
Solution Architect
Honeywell | Productivity Solutions and Services
Burgermeester Burgerslaan 40
5245 NH Rosmalen
Received a Pfizer vaccination, and needed to get a second vaccination. Due to an earlier infection with covid, I than got notified i only had to get one vaccine. So canceled the second appointment.
I can only create an international certificate, not a national one, even though the GGD filled a new questionnaire, which stated i have had COVID and only needed 1 vaccination.
The questionnaire is filled 14th of June. And we are waiting for more than 2 months now, to get it fixed / updated.
Steps to reproduce the behavior:
We should get a valid Dutch vaccination proof.
Desktop & Smartphone (please complete the following information):
The check app on F-Droid cannot scan QR codes. (Paper at least, possibly all).
Please dont say use the play-store app as this phone has no play-store at all.
Install F-Droid version of scanner, the QR code is not recognized.
The QR code can be scanned using a generic QR-reader so it is not the camera.
Using a generic QR scanner the resulting gibberish is not usefull.
At least a scan by the APP.
Smartphone (please complete the following information):
Add any other context about the problem here.
At the moment it is possible to take a screenshot of the QR code (vaccination, recovery or test certificate).
I think this is not desired for it allows very easy fraud. Users could just screenshot the QR code and send it to friends.
I know this could already be done by looking at the moving animations on screen but reality shows that bouncers or guards at clubs don't really look at that and only look at or scan the code.
Steps to reproduce the behavior:
There could be multiple options with varying implementations.
As Ziggo does this in their Ziggo go app once a screenshot is taken they turn to black and there is no information in the screenshot. This doesn't prevent screenshots from being taken but it holds no purpose for there is no information in the screenshot. Just a black screen.
ABN AMRO app will not let you take a screenshot at all. They will just issue an alert to the user with an explanation that no screenshot was taken.
Android documentation suggests using the following to disable capture inside an android window:
https://developer.android.com/reference/android/view/WindowManager.LayoutParams#FLAG_SECURE
Please consider providing the application outside of the Google Play Store, for example by adding apk files to GitHub releases or ideally adding the app to F-Droid. Some people can't or don't want to use Google Play Services on their Android devices, for example because of privacy concerns.
Contact tracing and/or checking apps for France (and third party), Switzerland, United Kingdom and Germany are available on F-Droid.
Currently the CI fails because something is going wrong with the key store signing.
FAILURE: Build failed with an exception.
518 actionable tasks: 361 executed, 157 from cache
* What went wrong:
Execution failed for task ':holder:packageTstRelease'.
> A failure occurred while executing com.android.build.gradle.tasks.PackageAndroidArtifact$IncrementalSplitterRunnable
> com.android.ide.common.signing.KeytoolException: Failed to read key from store "/home/runner/work/nl-covid19-coronacheck-app-android/nl-covid19-coronacheck-app-android/keystore.jks": null
When launching the app on Android 12 SPB3.210618.013 the app instantly crashes. I've been trying to get the crash dialog to stay open long enough so I can see the reason, but have been unable to do so.
Resetting the apps data didn't resolve the issue.
Resetting the android WebView component didn't resolve the issue.
E.g.
Steps to reproduce the behavior:
https://youtube.com/shorts/afKbsTNpAEw?feature=share
If applicable, add screenshots to help explain your problem.
Smartphone (please complete the following information):
Add any other context about the problem here.
Hi,
Deze kwetsbaarheid is eerder doorgegeven aan het NCSC maar zij zien het niet als technisch beveiligingsprobleem en gaan dit niet verder behandelen. Omdat er verder nergens aangegeven is waar dit aan te kaarten post ik het hier publiekelijk. De kwetsbaarheid vereist geen raketgeleerde om er op te komen dus dit zal ongetwijfeld al veel in het wild toegepast worden.
De kwetsbaarheid:
De methode zoals aangegeven in de scanner app laat teveel human error toe. Hier volgt een vector die naar mijn inzicht het makkelijkst te exploiten is in venues die zich netjes aan de stappen in de scanner app houden.
Uiteraard zijn er genoeg variaties op deze methode te bedenken waarbij je je telefoon / id uitleent nadat je al binnen bent in een venue mits de situatie dit toelaat. Hierdoor kun je potentieel best wel wat mensen naar binnen krijgen.
Impact:
De impact op de volksgezondheid is potentieel groot omdat je ongemerkt mensen toelaat die potentieel niet gevaccineerd of getest zijn maar wel actief het virus verspreiden, of als men het niet zo nauw neemt en positief test maar vervolgens met deze methode een negatieve test / vaccinatie van een maatje gebruikt om toch binnen te komen.
De impact op het individu die van deze kwetsbaarheid gebruik maakt is op dit moment laag. Er is op dit moment weinig toezicht op dit soort identiteitsfraude.
De impact op de horecazaak is potentieel groot omdat zij potentieel een superspread event organiseren en hierdoor de deuren moeten sluiten terwijl hun niet per-sé iets toe te wijten is wanneer ze de scanner volgens de procedure gebruiken.
Potentiele oplossing:
Om het gebruik van dubbele id's / QR's tegen te gaan zou je een gastenlijst bij moeten houden. Bijvoorbeeld in de app een lijst met welke id's/QR's reeds gebruikt zijn om toegang te verkrijgen. Dit is lastig vorm te geven door wetgeving maar ook omdat, indien meerdere keren vrij uit/in lopen toegestaan is, je deze mensen constant uit/in moet checken.
Eventueel zou je de scanner app ook de MRZ + NFC uit een identiteitsbewijs kunnen laten gebruiken voordat een groen scherm afgegeven wordt met een fallback naar manuele input wanneer het device geen NFC ondersteund. Dit dwingt de portier om de methode op de juiste manier te gebruiken en staat toe om automatisch een lijst bij te houden. Het gebruik van de NFC is hier enigszins key omdat die lastiger na te maken is terwijl de MRZ slechts een goede kopieer machine vereist.
Bij grotere evenementen is het gebruik van meerdere scanners gewenst die offline moeten kunnen functioneren. Deze zullen de gastenlijst onderling moeten synchroniseren. Dit is geen triviale taak om op te zetten. Dit vereist een vorm van een (P2P) netwerk communicatie tussen de devices en de nodige encryptie om de synchronisatie veilig uit te voeren.
When i press the icon to launch the app, the splash screen with logo comes up. Then it stays on that screen for a couple minutes.
Then the app just closes. No force close dialog or anything. The same happens to the Scanner for CoronaCheck app.
I have added a screenrecoding of the bug. in this case, a force close dialog does appear however.
I have wiped cache and data multiple times, and all apps are up to date.
The DigiD app works without any problems.
** Possible fix
I notice that the targeted SDK version of this app is 30. Android 12 uses 31. Is the app not compatible yet?
com/minvws/nl-covid19-notification-app-coordination/blob/master/LICENSE.txt and the contributor license agreement https://github.com/minvws/nl-covid19-notification-app-coordination/blob/master/CLA.md
Yesterday I finally got the chance to receive my first vaccination with Pfizer and of course after I got home I tinkered with the app (see steps in To reproduce). While I ended the night with a valid certificate because I've recently been negatively tested (valid until 5:00 AM this morning), I woke up to find a valid vaccination certificate, which I was successfully able to use in the scanner app.
I've checked at mijn.rivm.nl to see if my vaccination was correctly registered, and no problems seem to have occurred there.
Since I've only had one shot of Pfizer I expect my vaccination to not be valid yet in the Netherlands.
Unable to take screenshots.
Smartphone (please complete the following information):
Add any other context about the problem here.
While inspecting the code, I've found https://github.com/minvws/nl-covid19-coronacheck-app-android/blob/main/api/src/main/java/nl/rijksoverheid/ctr/api/interceptors/SignedResponseInterceptor.kt
Which checks signature of the response body. Are you guys planning to use the standard SSL certificate pinning instead of this custom solution?
A clear and concise description of what the bug, issue or concern is is.
E.g.
Steps to reproduce the behavior:
A clear and concise description of what you expected to happen.
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
Smartphone (please complete the following information):
Add any other context about the problem here.
Steps to reproduce the behavior:
In the FOSS version on F-droid, if you try to login with DigID to retrieve the vaccination certificate, you can only login using username+password
Login with DigID webpage lets you choose to login with SMS verification or the DigID app with ID verification
Smartphone (please complete the following information):
FOSS / Fdroid version
When I choose Main screen - Internationaal - select Button BEKIJK QR) and then select the question mark at the top right in the international QR code screen (the screen with the QR code and the animations), the text value at the label 'Ziekteverwekker / Disease targeted:' is not correct. The text value states 'Ziekteverwekker:' Comparing this with the paper version (papieren bewijs), generated through https://coronacheck.nl/nl/print/ I noticed the difference. There the text value states 'COVID-19', which is correct, I assume.
Steps to reproduce the behavior:
The expected behavior should be that the text value should display 'COVID-19' instead of 'Ziekteverwekker:'
Smartphone (please complete the following information):
Commit 2d46186 introduced a regression. With this change, users that have Work Profile set up in their device cannot open their browser anymore to login with DigiD.
When using Work Profile, there's a custom preferred "browser" that lets you choose between the Private and the Work browser. The package name of this "browser" is simply android
as it's part of the core Android package.
The commit mentioned above removed the whitelist of browsers, and instead allows all browsers. On a phone with Work Profile installed, this will try to open this generic "browser", using package name android
which fails and crashes the app.
A simple fix would be to add a filter, which filters out browsers with package name android
. I'll open a PR with that fix.
"Next" button only partially visible, need to scroll down, which might confuse novice users
Steps to reproduce the behavior:
A clear and concise description of what you expected to happen.
Impossible due to what seems app's security policy
Smartphone (please complete the following information):
Add any other context about the problem here.
Application doesn't show QR code and require connection to the internet with imported certificate. It has happened recently during vodafone outage.
Steps to reproduce the behavior:
A clear and concise description of what you expected to happen.
Unable to make screenshots as application doesn't allow to do it.
Smartphone (please complete the following information):
Application haven't been used for few days and this has happened on check in the cafe.
I did receive a 3rd vaccination because of a severe immune system disorder. This is officially not a booster vaccination, however can be seen equally regarding the problem I observed.
I thus have a third vaccination, after my earlier two vaccinations. In the CoronaCheck app, on the tab that is showing the international vaccination certificates, the vaccinations are shown as:
The total dose counter for dose 1 and dose 2 are thus shown incorrectly, as I would expect them to be shown as:
Also on the QR code view, QR code selector is showing 'Dose 1/2' and 'Dose 2/2' where I would expect it to show: 'Dose 1/3' and 'Dose 2/3'. The selector is correctly showing 'Dose 3/3'.
Also see the attached screenshots
Steps to reproduce the behaviour:
I would expect that the total number of doses (3 in my case at this moment), is shown correctly when it is shown in 'Dose x/y' style strings.
The overview of the vaccinations on the 'International' tab.
The QR code selector. Notice the three dots, and the still enabled 'go to right' button.
Smartphone (please complete the following information):
qr code scanned with cornacheck scanner app says qr code is valid but does display 4 underscores instead of the information to confirm the identity. This might not be a specific issue with the app but is concerning.
Steps to reproduce the behavior:
get 4 letters/numbers to verify identity
Smartphone (please complete the following information):
While inspecting verifier app code, I haven't found any place where we validate the QR code signature.
At the moment it seems it's very easy to forge your own QR code. Is this something in plans to be improved?
Problem: geen QR code (indien corona + 1 vaccinatie)
Indien je corona gehad hebt zou je met 1 vaccinatie voldoende bescherming moeten hebben om een QR code te krijgen.
Bij die vaccinatie moet dan aangevinkt worden dat er een eerdere besmetting was zodat in de QR code ‘1 van 1 vaccinaties’ komt te staan.
Indien bovenstaande het geval is: hoe (en wie/welke instantie) kan dit aanpassen indien er toch geen QR code verkregen wordt omdat er ‘1 van 2 vaccinaties’ staat.
Bij huisarts, GGD, huisartsenvereniging, RIVM etc komen we niet verder. Dit zijn de logische contactpunten, maar naar mijn idee is het data verwerkingsprobleem en bij hen komen we niet verder. Iedereen doet z'n best en is behulpzaam, maar nergens komen we verder omdat niemand iets kan aanpassen in zijn/haar systeem (en iedereen zegt dat een andere persoon of instantie dat wel kan/moet kunnen).
Bij wie of welke instantie kunnen we terecht die wel dieper in de database kan om dit (met terugwerkende kracht) aan te passen?
Naar mijn ervaring met de app wordt of niet gecontroleerd, of, als er gecontroleerd wordt, alleen controlevragen gesteld zoals "Wat is je geboortejaar?". Dit maakt het erg makkelijk om met een QR code van iemand anders naar binnen te komen. Ik ben in de afgelopen 4 keer dat ik gecontroleerd ben 1x wel gevraagd om ID, 2x kon ik na het scannen zonder ID naar binnen, en 1x kon ik met een controlevraag naar binnen. Dit ging in 2 gevallen om de horeca, en 2 gevallen een bioscoop. Het hele punt van de App is zo weg. Er moet naar mijn mening sterker benadrukt worden dat controlevragen niet voldoende zijn en dat het tonen van een ID verplicht is.
Currently CoronaCheck version 2.1.0 and 2.1.1 are rolled out through Google Play, but not yet available in this GitHub repo. This undermines the open-source principals. Source code should be made first available on GitHub, before pushing to Google Play and rolling out, so that it can be independently checked.
Ping @ijansch @BartNijland91
Please do not get me wrong. I applaud the fact this application is open source and the fact privacy seems to be taken seriously while developing this application. Having said that, despite these considerations I am strongly against the sharing of ANY patient data, including vaccination status. While the generation of the QR code that is used within The Netherlands itself is much better since it only shows a binary YES/NO without any additional details (such as what generated the YES: Negative test, recent infection or vaccinated), the European QR code that is supported within the application is a privacy disaster, showing things such as batch number of vaccination, number of shots and date at which the shots were received.
I have searched far and wide if this entire ecosystem can be opted out of. While I know it is possible to opt-out of sharing your vaccination information with the RIVM, as far as I know this application can also retrieve vaccination details from the GGD. I am strongly against this, and this fact has made me doubt whether I even want to be vaccinated in the first place. This feels extremely bad because I WANT to be vaccinated and be part of the solution of this crisis. However, my privacy concerns are currently preventing me from being that.
These questions aren't really related to the application itself, but since I was unable to find ANY relevant information on the topic, and since you guys have experience with retrieving the information from said systems, I was hoping the knowledge I am after can be found here. My questions:
Thank you very much in advance!
When try to login with DigiD, a URL (https://tvs.coronacheck.nl/authorize?....) is opened in Chrome which is not my default browser. I would expect it to open my default browser.
While inspecting the code, I've found that we store CREDENTIALS and SECRET_KEY_JSON data in plaintext right into SharedPreferences. Are there plans to use android keystore for those?
Na klikken op 'log in met digid' verschijnt de melding 'Het ophalen is afgebroken'.
Dit is eerder een issue geweest, maar het lijkt niet volledig opgelost.
Steps to reproduce the behavior:
Ik verwacht dat na het inloggen het vacinatiebewijs wordt opgehaald.
1 coronacheck-app al diverse malen geheel verwijderd en opnieuw geïnstalleerd
2 telefoontoestel al opnieuw opgestart
3 aanvankelijk geprobeerd met opera-browser (werkte niet). toen firefox geïnstalleerd (werkte niet). toen chrome aangezet. chrome geupdate. chrome werkt ook niet.
4 digid-app geïnstalleerd. daarmee inloggen op bijvoorbeeld digid.nl lukt wel.
5 testbewijs van andere testlocatie opgehaald via ophaalcode (lukt wel)
6 verbinding gewijzigd van wifi naar mobiel-netwerk
Smartphone (please complete the following information):
Ik wil best logging verstrekken, maar ik heb geen idee hoe ik dat doe. Als aangegeven kan worden hoe ik dat doe, geen probleem.
At the entrance of events, multiple items need to be checked such as their ticket and the Corona Qr code. As an employee you often have to switch between the CoronaCheck Scanner
application and a ticket scan
application.
To improve the speed we have added a button in our application which brings up the CoronaCheck Scanner
however it currently opens a page with a button Start scanning
which means you'll have to click again. This might not feel like a huge hassle but please keep in mind that you will have to do this for hundreds of times each day.
It would be great if we could deep link to the scanning page, thereby saving the hassle of pressing the Start Scanning
button.
The same goes for the visitor; they have to show their Ticket QR code as well as their Corona QR code. If this issue gets accepted I'll create a similar issue in the CoronaCheck application
.
Steps to reproduce the behavior:
Open CoronaCheck Scanner app
Start scanning
Open CoronaCheck Scanner app
and it deep-links you to the scan pageIf applicable, add screenshots to help explain your problem.
The corona Melder app from the RIVM uses the Google Exposier API. This API has been reviewed my multiple security experts. This app the CoronaCheck app looks to be using a custom designed flow. So I would like to see a breakdown of all security measures and a technical flow of the data and key exchanges that are going on.
So far I got the following information from searching the source code:
(All) data transfer is encrypted using 2048 bit ssl keys. (The example key has 2048 bit, so the production key has probably the same)
This site has an overview of the flow https://api-ct.bananenhalen.nl/overview/run/
So my question is if an overview can be made where all technical details are also shown.
Hello,
We make custom made self scan kiosks using Android tablets. We are wondering if it's possible to scan QR codes using an infrared 2D barcode scanner hooked up (or integrated directly into the device) instead of using the regular built-in camera. I have noticed a similar issue posted in August in which the support for Zebra devices were mentioned and plans the expand support in general for dedicated barcode scanners. I am wondering how the progress regarding this issue is. Ideally we would like to hook up an external barcode scanner which returns the QR code content as a keyboard input. Is this possible?
Thank you for your time.
Daniel
Apologies if this isn't the right place to report a bug that's specific to CoronaCheck Scanner, or if it's not specific to Android. (I suspect it isn't, though I've only checked on Android, and am not sure where to report more general issues.)
Individuals with international EU Digital COVID Certificates who have received a third (booster) dose within the last 14 days will have their QR codes rejected, even though their second dose was more than 14 days old so their proof of vaccination should be accepted. (In other words, CoronaCheck Scanner simply looks at the date of the last dose without taking into account the number of doses, such that individuals with boosters are worse off than if they hadn't had the third dose at all.)
This can be confirmed by setting the date for the phone running CoronaCheck Scanner to one more than two weeks after the third dose -- this results in the QR code being accepted.
The QR code should be accepted, since the second dose was more than two weeks ago. (The date of the second dose isn't itself stored in the QR code, as far as I know, but no member state allows receiving a third dose less than two weeks after the second dose – in most cases it'll be at least 6 months earlier.)
The number of individuals this affects is likely to be small right now, but will grow as more people elsewhere in the EU get boosters.
Honoring the "remove animations" setting within Android Settings is counterproductive
Steps to reproduce the behavior:
Animated cyclist remains visible so it can serve as a proof of authenticity, even for those normally intolerant toward animations.
Smartphone (please complete the following information):
Device: Samsung OneUI 3.1
App version 2.1.1
People with affected disabilities are at risk of being scapegoated for a perceived attempt to fraud the system. this should not happen.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.