summaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorMichael Wright <michaelwr@google.com>2016-03-22 16:52:13 -0700
committerThe Android Automerger <android-build@google.com>2016-04-21 19:11:18 -0700
commit03a53d1c7765eeb3af0bc34c3dff02ada1953fbf (patch)
treeeb3466b1b14225cec1d89468849383d9f3d87bfd /include
parenta59b827869a2ea04022dd225007f29af8d61837a (diff)
downloadframeworks_native-03a53d1c7765eeb3af0bc34c3dff02ada1953fbf.zip
frameworks_native-03a53d1c7765eeb3af0bc34c3dff02ada1953fbf.tar.gz
frameworks_native-03a53d1c7765eeb3af0bc34c3dff02ada1953fbf.tar.bz2
Add new MotionEvent flag for partially obscured windows.
Due to more complex window layouts resulting in lots of overlapping windows, the policy around FLAG_WINDOW_IS_OBSCURED has changed to only be set when the point at which the window was touched is obscured. Unfortunately, this doesn't prevent tapjacking attacks that overlay the dialog's text, making a potentially dangerous operation seem innocuous. To avoid this on particularly sensitive dialogs, introduce a new flag that really does tell you when your window is being even partially overlapped. We aren't exposing this as API since we plan on making the original flag more robust. This is really a workaround for system dialogs since we generally know their layout and screen position, and that they're unlikely to be overlapped by other applications. Bug: 26677796 Change-Id: I9e336afe90f262ba22015876769a9c510048fd47
Diffstat (limited to 'include')
-rw-r--r--include/input/Input.h13
1 files changed, 13 insertions, 0 deletions
diff --git a/include/input/Input.h b/include/input/Input.h
index 617175b..82fc659 100644
--- a/include/input/Input.h
+++ b/include/input/Input.h
@@ -45,6 +45,19 @@ enum {
};
enum {
+
+ /**
+ * This flag indicates that the window that received this motion event is partly
+ * or wholly obscured by another visible window above it. This flag is set to true
+ * even if the event did not directly pass through the obscured area.
+ * A security sensitive application can check this flag to identify situations in which
+ * a malicious application may have covered up part of its content for the purpose
+ * of misleading the user or hijacking touches. An appropriate response might be
+ * to drop the suspect touches or to take additional precautions to confirm the user's
+ * actual intent.
+ */
+ AMOTION_EVENT_FLAG_WINDOW_IS_PARTIALLY_OBSCURED = 0x2,
+
/* Motion event is inconsistent with previously sent motion events. */
AMOTION_EVENT_FLAG_TAINTED = 0x80000000,
};