PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix clickjacking again for accessibility services

Browse Source 
Turns out that the flag for the window being obscured
does not imply that it is also partially obscured.

Also blocking system alerts and toast windows over the
accessibility service preference screen (and its associated
warning dialog) as well as the warning dialog shown when
a service is made available with the accessibiity shortcut.

Bug: 62104030
Test: Manually verified that I can't enable Select to Speak
when switch access is highlighting the button. I am able to
do that without this fix. Also started a service that
displayed a system overlay and confirmed that the overlay
disappears on a11y service preference screens and when a
new service is configured for the a11y shortcut.
Merged-In: Ie00bafa736c837881a258c9de10891b27c5baefd

Change-Id: Iabbded1a12dbc33d76e51c0bac710280a88080f3
This commit is contained in:
Phil Weaver
2017-05-25 17:02:21 -07:00
parent 20ae31e87c
commit ed0866ebfd
5 changed files with 56 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
src/com/android/settings/Utils.java
View File

@@ -25,6 +25,7 @@ import android.annotation.Nullable;
import android.app.ActivityManager;
import android.app.AlertDialog;
import android.app.AppGlobals;
import android.app.AppOpsManager;
import android.app.Dialog;
import android.app.Fragment;
import android.app.IActivityManager;
@@ -1272,6 +1273,22 @@ public final class Utils extends com.android.settingslib.Utils {
return info.enabled ? R.string.installed : R.string.disabled;
}
/**
* Control if other apps can display overlays. By default this is allowed. Be sure to
* re-enable overlays, as the effect is system-wide.
*/
public static void setOverlayAllowed(Context context, IBinder token, boolean allowed) {
AppOpsManager appOpsManager = context.getSystemService(AppOpsManager.class);
if (appOpsManager != null) {
appOpsManager.setUserRestriction(AppOpsManager.OP_SYSTEM_ALERT_WINDOW,
!allowed, token);
appOpsManager.setUserRestriction(AppOpsManager.OP_TOAST_WINDOW,
!allowed, token);
}
}
private static boolean isVolumeValid(VolumeInfo volume) {
return (volume != null) && (volume.getType() == VolumeInfo.TYPE_PRIVATE)
&& volume.isMountedReadable();