am 0722cec0: Merge "docs: fix error in common tasks code snippet and add...

page.title=Android Application Framework FAQ

parent.title=FAQs, Tips, and How-to

parent.link=index.html

@jd:body

@jd:body

<ul>

<script type="text/javascript">

  <li><a href="#1">Do all the Activities and Services of an

  document.location=toRoot+"resources/faq/framework.html"

  application run in a single process?</a></li>

</script>

  <li><a href="#2">Do all Activities run in the main thread of

  an application process?</a></li>

  <li><a href="#3">How do I pass complicated data structures

  from one Activity/Service to another?</a></li>

  <li><a href="#4">How can I check if an Activity is already

  running before starting it?</a></li>

  <li><a href="#5">If an Activity starts a remote service, is

  there any way for the Service to pass a message back to the Activity?</a></li>

  <li><a href="#6">How to avoid getting the Application not

  responding dialog?</a></li>

  <li><a href="#7">How does an application know if a package is

  added or removed?</a></li>

</ul>

<a name="1" id="1"></a>

<h2>Do all the Activities and Services of an application run in a

single process?</h2>

<p>All Activities and Services in an application run in a single process by

default. If needed, you can declare an <code>android:process</code> attribute

in your manifest file, to explicitly place a component (Activity/Service) in

another process.</p>

<a name="2" id="2"></a>

<h2>Do all Activities run in the main thread of an application

process?</h2>

<p>By default, all of the application code in a single process runs

in the main UI thread. This is the same thread

that also handles UI events. The only exception is the code that handles

IPC calls coming in from other processes. The system maintains a

separate pool of transaction threads in each process to dispatch all

incoming IPC calls. The developer should create separate threads for any

long-running code, to avoid blocking the main UI thread.</p>

<a name="3" id="3"></a>

<h2>How do I pass data between Activities/Services within a single

application?</h2>

<p>It depends on the type of data that you want to share:</p>

<h3>Primitive Data Types</h3>

<p>To share primitive data between Activities/Services in an

application, use Intent.putExtras(). For passing primitive data that

needs to persist use the 

<a href="{@docRoot}guide/topics/data/data-storage.html#preferences">

Preferences</a> storage mechanism.</p>

<h3>Non-Persistent Objects</h3>

<p>For sharing complex non-persistent user-defined objects for short

duration, the following approaches are recommended:

</p>

  <h4>The android.app.Application class</h4>

  <p>The android.app.Application is a base class for those who need to

maintain global application state. It can be accessed via

getApplication() from any Activity or Service. It has a couple of

life-cycle methods and will be instantiated by Android automatically if

your register it in AndroidManifest.xml.</p>

  <h4>A public static field/method</h4>

  <p>An alternate way to make data accessible across Activities/Services is to use <em>public static</em>

fields and/or methods. You can access these static fields from any other

class in your application. To share an object, the activity which creates your object sets a

static field to point to this object and any other activity that wants to use

this object just accesses this static field.</p>

  <h4>A HashMap of WeakReferences to Objects</h4>

  <p>You can also use a HashMap of WeakReferences to Objects with Long

keys. When an activity wants to pass an object to another activity, it

simply puts the object in the map and sends the key (which is a unique

Long based on a counter or time stamp) to the recipient activity via

intent extras. The recipient activity retrieves the object using this

key.</p>

  <h4>A Singleton class</h4>

  <p>There are advantages to using a static Singleton, such as you can

refer to them without casting getApplication() to an

application-specific class, or going to the trouble of hanging an

interface on all your Application subclasses so that your various

modules can refer to that interface instead. </p>

<p>But, the life cycle of a static is not well under your control; so

to abide by the life-cycle model, the application class should initiate and

tear down these static objects in the onCreate() and onTerminate() methods

of the Application Class</p>

</p>

<h3>Persistent Objects</h3>

<p>Even while an application appears to continue running, the system

may choose to kill its process and restart it later. If you have data

that you need to persist from one activity invocation to the next, you

need to represent that data as state that gets saved by an activity when

it is informed that it might go away.</p>

<p>For sharing complex persistent user-defined objects, the

following approaches are recommended:

<ul>

  <li>Application Preferences</li>

  <li>Files</li>

  <li>contentProviders</li>

  <li>SQLite DB</li>

</ul>

</p>

<p>If the shared data needs to be retained across points where the application

process can be killed, then place that data in persistent storage like

Application Preferences, SQLite DB, Files or ContentProviders. Please refer to

the <a href="{@docRoot}guide/topics/data/data-storage.html">Data Storage</a>

for further details on how to use these components.</p>

<a name="4" id="4"></a>

<h2>How can I check if an Activity is already running before starting

it?</h2>

<p>The general mechanism to start a new activity if its not running&mdash;

or to bring the activity stack to the front if is already running in the

background— is the to use the NEW_TASK_LAUNCH flag in the startActivity()

call.</p>

<a name="5" id="5"></a>

<h2>If an Activity starts a remote service, is there any way for the

Service to pass a message back to the Activity?</h2>

<p>The remote service can define a callback interface and register it with the

clients to callback into the clients. The 

{@link android.os.RemoteCallbackList RemoteCallbackList} class provides methods to

register and unregister clients with the service, and send and receive

messages.</p>

<p>The sample code for remote service callbacks is given in <a

href="{@docRoot}guide/samples/ApiDemos/src/com/example/android/apis/app/RemoteService.html">ApiDemos/RemoteService</a></p>

<a name="6" id="6"></a>

<h2>How to avoid getting the Application not responding dialog?</h2>

<p>Please read the <a href="{@docRoot}guide/practices/design/responsiveness.html">Designing for Responsiveness</a> 

document.</p>

<a name="7" id="7"></a>

<h2>How does an application know if a package is added or removed?

</h2>

<p>Whenever a package is added, an intent with PACKAGE_ADDED action

is broadcast by the system. Similarly when a package is removed, an

intent with PACKAGE_REMOVED action is broadcast. To receive these

intents, you should write something like this:

<pre>

       <receiver android:name ="com.android.samples.app.PackageReceiver">

            <intent-filter>

             <action android:name="android.intent.action.PACKAGE_ADDED"/>

              <action android:name="android.intent.action.PACKAGE_REMOVED"/>            

              <data android:scheme="package" />

            </intent-filter>

        </receiver>

  </pre>

  <br>

Here PackageReceiver is a BroadcastReceiver class.Its onReceive()

method is invoked, every time an application package is installed or

removed.

</p>

<p>You should have already been redirected by your browser. Please follow

<a href="{@docRoot}resources/faq/framework.html">this link</a>.</p>

 No newline at end of file

page.title=FAQs, Tips, and How-to

@jd:body

@jd:body

<dl>

<script type="text/javascript">

    <dt><a href="commontasks.html">Common Development Tasks and How To Do Them</a></dt>

  document.location=toRoot+"resources/faq/index.html"

    <dd>Quick and to the point &mdash; how-to's for a variety of development tasks you are likely to use.</dd>

</script>

    <dt><a href="framework.html">Application Framework FAQ</a></dt>

    <dd>Common questions about the Android Application Framework.</dd>

<p>You should have already been redirected by your browser. Please follow

    <dt><a href="troubleshooting.html">Troubleshooting Tips</a></dt>

<a href="{@docRoot}resources/faq/index.html">this link</a>.</p>

    <dd>Answers to help you troubleshoot common problems.</dd>

 No newline at end of file

    <dt><a href="licensingandoss.html">Open Source Licensing FAQ</a></dt>

    <dd>Common topics around licensing and Android Open Source</dd>

    <dt><a href="security.html">Android Security FAQ</a></dt>

    <dd>Answers to common questions about Android security.</dd>

</dl>

page.title=Android Open Source Licensing FAQ

parent.title=FAQs, Tips, and How-to

parent.link=index.html

@jd:body

@jd:body

<ul>

<script type="text/javascript">

    <li><a href="#mirror">Where can I find the open source components of Android?</a></li>

  document.location=toRoot+"resources/faq/licensingandoss.html"

    <li><a href="#timeline">When will we see more code released under open source licenses?</a></li>

</script>

    <li><a href="#apache2">Why are you releasing the code under the Apache License instead of GPLv2?</a></li>

</ul>

<a name="mirror" id="mirror"></a><h2>Where can I find the open source components of Android?</h2>

<p>You should have already been redirected by your browser. Please follow

<p>The source code for the full Android stack is available from the <a href="http://source.android.com">Android Open Source Project </a> site. 

<a href="{@docRoot}resources/faq/licensingandoss.html">this link</a>.</p>

 No newline at end of file

<p>Other mirrored GPL and LGPL'd components are available at <a href="http://code.google.com/p/android/downloads/list"><code>http://code.google.com/p/android/downloads/list</code></a>.</p>

<p>Notices for other licenses can be found within the SDK.</p>

<a name="apache2" id="apache2"></a><h2>Why are you releasing the code under the Apache License instead of GPLv2?</h2>

<p>One of the best explanations for the reasoning behind releasing code under Apache2 can be found in a <a href="http://arstechnica.com/news.ars/post/20071106-why-google-chose-the-apache-software-license-over-gplv2.html">ArsTechnica article</a> by Ryan Paul.</p>

page.title=Android Security FAQ

parent.title=FAQs, Tips, and How-to

parent.link=index.html

@jd:body

@jd:body

<ul>

<script type="text/javascript">

    <li><a href="#secure">Is Android Secure?</a></li>

  document.location=toRoot+"resources/faq/security.html"

    <li><a href="#issue">I think I found a security flaw. How do I report

</script>

    it?</a></li>

    <li><a href="#informed">How can I stay informed of Android security

    announcements?</a></li>

    <li><a href="#use">How do I securely use my Android phone?</a></li>

    <li><a href="#malware">I think I found malicious software being distributed

    for Android. How can I help?</a></li>

    <li><a href="#fixes">How will Android-powered devices receive security fixes?</a>

    </li>

    <li><a href="#directfix">Can I get a fix directly from the Android Platform

    Project?</a></li>

</ul>

<p>You should have already been redirected by your browser. Please follow

<a name="secure" id="secure"></a><h2>Is Android secure?</h2>

<a href="{@docRoot}resources/faq/security.html">this link</a>.</p>

 No newline at end of file

<p>The security and privacy of our users' data is of primary importance to the

Android Open Source Project. We are dedicated to building and maintaining one

of the most secure mobile platforms available while still fulfilling our goal

of opening the mobile device space to innovation and competition.</p>

<p>The Android Platform provides a rich <a

href="http://code.google.com/android/devel/security.html">security model</a>

that allows developers to request the capabilities, or access, needed by their 

application and to define new capabilities that other applications can request.

The Android user can choose to grant or deny an application's request for

certain capabilities on the handset.</p>

<p>We have made great efforts to secure the Android platform, but it is

inevitable that security bugs will be found in any system of this complexity.

Therefore, the Android team works hard to find new bugs internally and responds

quickly and professionally to vulnerability reports from external researchers.

</p>

<a name="issue" id="issue"></a><h2>I think I found a security flaw. How do I

report it?</h2>

<p>You can reach the Android security team at <a

href="mailto:security@android.com">security@android.com</a>. If you like, you

can protect your message using our <a

href="http://code.google.com/android/security_at_android_dot_com.txt">PGP

key</a>.</p>

<p>We appreciate researchers practicing responsible disclosure by emailing us 

with a detailed summary of the issue and keeping the issue confidential while 

users are at risk. In return, we will make sure to keep the researcher informed

of our progress in issuing a fix and will properly credit the reporter(s) when

we announce the patch. We will always move swiftly to mitigate or fix an 

externally-reported flaw and will publicly announce the fix once patches are 

available to users.</p>

<a name="informed" id="informed"></a><h2>How can I stay informed of Android

security announcements?</h2>

<p>An important part of sustainably securing a platform, such as, Android is

keeping the user and security community informed of bugs and fixes. We will

publicly announce security bugs when the fixes are available via postings to

the <a

href="http://groups.google.com/group/android-security-announce">android-security-announce</a>

group on Google Groups. You can subscribe to this group as you would a mailing

list and view the archives here.</p>

<p>For more general discussion of Android platform security, or how to use

security features in your Android application, please subscribe to <a

href="http://groups.google.com/group/android-security-discuss">android-security-discuss</a>.

</p>

<a name="use" id="use"></a><h2>How do I securely use my Android phone?</h2>

<p>As an open platform, Android allows users to load software from any

developer onto a device.  As with a home PC, the user must be

aware of who is providing the software they are downloading and must decide

whether they want to grant the application the capabilities it requests.

This decision can be informed by the user's judgment of the software

developer's trustworthiness, and where the software came from.</p>

<p>Despite the security protections in Android, it is important

for users to only download and install software from developers they trust.

More details on how Android users can make smart security decisions will be

released when consumer devices become available.</p>

<a name="malware" id="malware"></a><h2>I think I found malicious software being

distributed for Android. How can I help?</h2>

<p>Like any other open platform, it will be possible for unethical developers

to create malicious software, known as <a

href="http://en.wikipedia.org/wiki/Malware">malware</a>, for Android. If you

think somebody is trying to spread malware, please let us know at <a 

href="mailto:security@android.com">security@android.com</a>. Please include as

much detail about the application as possible, with the location it is

being distributed from and why you suspect it of being malicious software.</p>

<p>The term <i>malicious software</i> is subjective, and we cannot make an 

exhaustive definition.  Some examples of what the Android Security Team believes

to be malicious software is any application that:

<ul>

    <li>drains the device's battery very quickly;</li>

    <li>shows the user unsolicited messages (especially messages urging the

    user to buy something);</li>

    <li>resists (or attempts to resist) the user's effort to uninstall it;</li>

    <li>attempts to automatically spread itself to other devices;</li>

    <li>hides its files and/or processes;</li>

    <li>discloses the user's private information to a third party, without the

    user's knowledge and consent;</li>

    <li>destroys the user's data (or the device itself) without the user's

    knowledge and consent;</li>

    <li>impersonates the user (such as by sending email or buying things from a

    web store) without the user's knowledge and consent; or</li>

    <li>otherwise degrades the user's experience with the device.</li>

</ul>

</p>

<a name="fixes" id="fixes"></a><h2>How will Android-powered devices receive security

fixes?</h2>

<p>The manufacturer of each device is responsible for distributing software

upgrades for it, including security fixes. Many devices will update themselves

automatically with software downloaded "over the air", while some devices

require the user to upgrade them manually.</p>

<p>When Android-powered devices are publicly available, this FAQ will provide links how

Open Handset Alliance members release updates.</p>

<a name="directfix" id="directfix"></a><h2>Can I get a fix directly from the

Android Platform Project?</h2>

<p>Android is a mobile platform that will be released as open source and

available for free use by anybody. This means that there will be many

Android-based products available to consumers, and most of them will be created

without the knowledge or participation of the Android Open Source Project. Like

the maintainers of other open source projects, we cannot build and release

patches for the entire ecosystem of products using Android. Instead, we will

work diligently to find and fix flaws as quickly as possible and to distribute

those fixes to the manufacturers of the products.</p>

<p>In addition, We will add security fixes to the open source distribution of

Android and publicly announce the changes on <a 

href="http://groups.google.com/group/android-security-announce">android-security-announce</a>.

</p>

<p>If you are making an Android-powered device and would like to know how you can 

properly support your customers by keeping abreast of software updates, please

contact us at <a

href="mailto:info@openhandsetalliance.com">info@openhandsetalliance.com</a>.</p>