Prevent clickjacking attack in DocsUi. (c8e21a60) · Commits · e / os / android_packages_apps_DocumentsUI

AndroidManifest.xml

+1 −0

Original line number	Diff line number	Diff line
		@@ -33,6 +33,7 @@
		<uses-permission android:name="android.permission.MODIFY_QUIET_MODE" />
		<uses-permission android:name="android.permission.QUERY_ALL_PACKAGES" />
		<uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
		<uses-permission android:name="android.permission.HIDE_OVERLAY_WINDOWS"/>

		<!-- Permissions required for reading and logging compat changes -->
		<uses-permission android:name="android.permission.LOG_COMPAT_CHANGE"/>

+4 −0

Original line number	Diff line number	Diff line
		@@ -172,6 +172,10 @@ public abstract class BaseActivity
		// Record the time when onCreate is invoked for metric.
		mStartTime = new Date().getTime();

		if (SdkLevel.isAtLeastS()) {
		getWindow().setHideOverlayWindows(true);
		}

		// ToDo Create tool to check resource version before applyStyle for the theme
		// If version code is not match, we should reset overlay package to default,
		// in case Activity continueusly encounter resource not found exception

+6 −1

Original line number	Diff line number	Diff line
		@@ -32,6 +32,7 @@ import com.android.documentsui.BaseActivity;
		import com.android.documentsui.R;
		import com.android.documentsui.base.DocumentInfo;
		import com.android.documentsui.base.Shared;
		import com.android.modules.utils.build.SdkLevel;

		import com.google.android.material.dialog.MaterialAlertDialogBuilder;

		@@ -102,7 +103,11 @@ public class ConfirmFragment extends DialogFragment {
		builder.setNegativeButton(android.R.string.cancel,
		(DialogInterface dialog, int id) -> pickResult.increaseActionCount());

		return builder.create();
		Dialog dialog = builder.create();
		if (SdkLevel.isAtLeastS()) {
		dialog.getWindow().setHideOverlayWindows(true);
		}
		return dialog;
		}

		@Override