Make toasts non-clickable
Since enforcement was only on client-side, in Toast class, an app could
use reflection (or other means) to make the Toast clickable. This is a
security vulnerability since it allows tapjacking, that is, intercept touch
events and do stuff like steal PINs and passwords.
This CL brings the enforcement to the system by applying flag
Test: atest CtsWindowManagerDeviceTestCases:ToastTest
Test: Construct app that uses reflection to remove flag FLAG_NOT_TOUCHABLE and
log click events. Then:
1) Observe click events are logged without this CL.
2) Observe click events are not logged with this CL.
(cherry picked from commit 6bf18c39d9fc727523fa3201567b836032bb2114)
diff --git a/services/core/java/com/android/server/policy/PhoneWindowManager.java b/services/core/java/com/android/server/policy/PhoneWindowManager.java
index 7d6b896..0275076 100644
@@ -2804,6 +2804,8 @@
attrs.hideTimeoutMilliseconds = TOAST_WINDOW_TIMEOUT;
attrs.windowAnimations = com.android.internal.R.style.Animation_Toast;
+ // Toasts can't be clickable
+ attrs.flags |= WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE;
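Review bot: please confirm that this spot in PhoneWindowManager (where `attrs.hideTimeoutMilliseconds` and `attrs.windowAnimations` are set for toasts) is reached on every attribute update for a toast window and not only on the initial add; if an app can later push fresh LayoutParams without FLAG_NOT_TOUCHABLE through a path that does not come through here, the reflection bypass described in the commit message would still work after a relayout. Also consider expanding the one-line comment so the next reader knows this is a server-side tapjacking mitigation rather than a cosmetic choice, e.g. `// Toasts can't be clickable: enforced here so apps can't strip FLAG_NOT_TOUCHABLE client-side (tapjacking)`.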