Currently developing a small module and wanted to check with experts whether its code is vulnerable or not. This is part of my internship.
When a button is clicked it opens an android application from its webpage. If the webpage is visited from desktop, it will just have a redirect link. When using mobile browser, it will open the application. Implemented HTML encoding that encodes special characters such as double quotes,
Is this below code is secure or will it lead to XSS or redirection kind of attacks?
NOTE: Randomvalue is alphanumeric and it is passed as a part of url upon clicking the button. All values are sample.