diff options
author | Jeff Chang <chengjeff@google.com> | 2022-01-18 18:29:52 +0800 |
---|---|---|
committer | Android Build Coastguard Worker <android-build-coastguard-worker@google.com> | 2022-02-14 23:12:52 +0000 |
commit | e74a2a320bf896bc30618ce486203bafe453c469 (patch) | |
tree | 13de69dc701059a7c0f315c6d05f2cd159fc5beb | |
parent | f2387994151fb5c22c9e645647945e1471fe8ac1 (diff) | |
download | base-e74a2a320bf896bc30618ce486203bafe453c469.tar.gz |
[RESTRICT AUTOMERGE] Add hide-non-system-overlay flag for HarmfulAppWarningActivity
A malicious application could overlay the activity. The overlay is
able to be tapped through, which can trick the user into starting a
harmful activity.
The CL added the flag SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS for
the activity to prevent the tapjacking/overlay attack.
Bug: 205595291
Test: atest CtsHarmfulAppWarningHostTestCases
Change-Id: Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991
(cherry picked from commit a04b3666b8619e09e08646c6d5c529d016cbfb47)
(cherry picked from commit f36b7b9f80fde732aa102b04cd8ce6a6db1a3616)
Merged-In:Ia1a1ae0dc451e04bf5c31e3cb8cf30a0d8e32991
-rw-r--r-- | core/java/com/android/internal/app/HarmfulAppWarningActivity.java | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/core/java/com/android/internal/app/HarmfulAppWarningActivity.java b/core/java/com/android/internal/app/HarmfulAppWarningActivity.java index ce2d229d41b3..33209e110123 100644 --- a/core/java/com/android/internal/app/HarmfulAppWarningActivity.java +++ b/core/java/com/android/internal/app/HarmfulAppWarningActivity.java @@ -16,6 +16,8 @@ package com.android.internal.app; +import static android.view.WindowManager.LayoutParams.SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS; + import android.content.Context; import android.content.DialogInterface; import android.content.Intent; @@ -27,6 +29,7 @@ import android.os.Bundle; import android.util.Log; import android.view.View; import android.widget.TextView; + import com.android.internal.R; /** @@ -48,6 +51,7 @@ public class HarmfulAppWarningActivity extends AlertActivity implements protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); + getWindow().addSystemFlags(SYSTEM_FLAG_HIDE_NON_SYSTEM_OVERLAY_WINDOWS); final Intent intent = getIntent(); mPackageName = intent.getStringExtra(Intent.EXTRA_PACKAGE_NAME); mTarget = intent.getParcelableExtra(Intent.EXTRA_INTENT); |