| aa07653d2eea38a7a5bda5944c8a353586916ae9 |
|
02-Aug-2016 |
Svetoslav Ganov <svetoslavganov@google.com> |
Prevent apps to overlay other apps via toast windows
It was possible for apps to put toast type windows
that overlay other apps which toast winodws aren't
removed after a timeout.
Now for apps targeting SDK greater than N MR1 to add a
toast window one needs to have a special token. The token
is added by the notificatoion manager service only for
the lifetime of the shown toast and is then removed
including all windows associated with this token. This
prevents apps to add arbitrary toast windows.
Since legacy apps may rely on the ability to directly
add toasts we mitigate by allowing these apps to still
add such windows for unlimited duration if this app is
the currently focused one, i.e. the user interacts with
it then it can overlay itself, otherwise we make sure
these toast windows are removed after a timeout like
a toast would be.
We don't allow more that one toast window per UID being
added at a time which prevents 1) legacy apps to put the
same toast after a timeout to go around our new policy
of hiding toasts after a while; 2) modern apps to reuse
the passed token to add more than one window; Note that
the notification manager shows toasts one at a time.
bug:30150688
Change-Id: Ia1dae626bd9e22541be46edb072aa288eb1ae414
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| 2fc661a453c8dd0f62c4e567641ab282f2f2c5fe |
|
02-Aug-2016 |
Svetoslav Ganov <svetoslavganov@google.com> |
Revert "Prevent apps to overlay other apps via toast windows"
bug:30150688
This reverts commit dc24f937b031f5f4e153dbfeaa51e96415a09b71.
Change-Id: Id7e8ddbf82ab426f55a5296791f1e8ebb61514bc
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| dc24f937b031f5f4e153dbfeaa51e96415a09b71 |
|
26-Jul-2016 |
Svet Ganov <svetoslavganov@google.com> |
Prevent apps to overlay other apps via toast windows
It was possible for apps to put toast type windows
that overlay other apps which toast winodws aren't
removed after a timeout.
Now for apps targeting SDK greater than N MR1 to add a
toast window one needs to have a special token. The token
is added by the notificatoion manager service only for
the lifetime of the shown toast and is then removed
including all windows associated with this token. This
prevents apps to add arbitrary toast windows.
Since legacy apps may rely on the ability to directly
add toasts we mitigate by allowing these apps to still
add such windows for unlimited duration if this app is
the currently focused one, i.e. the user interacts with
it then it can overlay itself, otherwise we make sure
these toast windows are removed after a timeout like
a toast would be.
We don't allow more that one toast window per UID being
added at a time which prevents 1) legacy apps to put the
same toast after a timeout to go around our new policy
of hiding toasts after a while; 2) modern apps to reuse
the passed token to add more than one window; Note that
the notification manager shows toasts one at a time.
bug:30150688
Change-Id: Icc8f8dbd060762ae1a7b1720e96c5afdb8aff3fd
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| f1395d730a499b6420ee7593f3a5236eca637bfb |
|
20-Jul-2016 |
Svetoslav Ganov <svetoslavganov@google.com> |
Revert "Prevent apps to overlay other apps via toast windows"
This reverts commit b3b22cba86dd6e010c5fac3d044990f155a33381.
Change-Id: I905e7435893fab49f03fdb708f4ab5a9d2c9cbae
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| b3b22cba86dd6e010c5fac3d044990f155a33381 |
|
15-Jul-2016 |
Svet Ganov <svetoslavganov@google.com> |
Prevent apps to overlay other apps via toast windows
It was possible for apps to put toast type windows
that overlay other apps which toast winodws aren't
removed after a timeout like toasts are.
Now to add a toast window one needs to have a special
token. The token is added by the notificatoion manager
service only for the lifetime of the shown toast and
is then removed including all windows associated with
this token.
This prevents apps to add arbitrary toast windows. The
token is passed in the app domain in the request to
construt and add the toast window which allows a bad
app to add arbitrary toast windows. However, this is
fine since the token will be invalided and all of its
windows removed after the toast for which it was
create times out.
We do not care of braking apps that add toast windows
directly due to the security and privacy implications
of arbitrary UI redressing. Also we have dedicated
Toast APIs which are the way to add this time of UI.
bug:30150688
Change-Id: I65372c81a791489de89fb2886cc96392c28680bb
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| 9066cfe9886ac131c34d59ed0e2d287b0e3c0087 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| d83a98f4ce9cfa908f5c54bbd70f03eec07e7553 |
|
04-Mar-2009 |
The Android Open Source Project <initial-contribution@android.com> |
auto import from //depot/cupcake/@135843
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|
| 54b6cfa9a9e5b861a9930af873580d6dc20f773c |
|
21-Oct-2008 |
The Android Open Source Project <initial-contribution@android.com> |
Initial Contribution
/frameworks/base/core/java/android/app/ITransientNotification.aidl
|