1. 2

The author’s whitewash version of it:

http://blog.blockchain.com/2015/05/28/android-wallet-security-update/

  1.  

  2. 2

    The cherry on top is using an http library that returns the redirect instead of following it.