How to block some url (site) on android default browser???
I want to restrict user to access some url which are black listed.
eg. If i want to block facebook then phone inbuilt app browser will not access this facebook site.
Thanks in advance!
Do you want to block some websites on a user's device by letting them install an app?
If that is the case, it will only work if they are rooted. If they are, then you could add an entry of the url to the hosts file and redirect it to another ip address (eg 127.0.0.1). But since they need to be rooted, they will probably get a popup asking for permission to access root. This could raise some suspicion with the user.
On a device that's not rooted, preventing the standard browser from accessing a certain website is not possible by installing an app.
You can't prevent the user from using their browser on their device to access any site.
If you want to do this, make your own browser and replace the one on their device with it (may not be possible without root).
There's a work around which is using a VPN service to monitor and filter all the traffic.
An example of this is the NetGuard project:
https://github.com/M66B/NetGuard.
Of course, the user should give his permission to permit this service to take control of the traffic. And in some systems, some system applications are not directed to this service (I've noted that the Samsung Web Browser traffic is not sent through the system VPN).
Related
I want to off mobile data for some specific apps,what I want is that if my mobile data is on then I can allow only whatsapp to access,no other app. I know its possible because some apps for same are available on google play but I am not getting any code for the same. I have googled a lot.Any help is appreciated.
Go to Settings > Data usage then you can see app usage and select each app and turn on restrict app background data.
You can make a VPN application. Within the application you can make a list which apps allowed to access internet and which apps not to allow it. Make sure the connection is through that VPN application. Then filter the connection in your VPN based on the lists
You can use VPN, build your own server and transmit all the traffic through that server, than you can filter all the traffic.
Maybe you can google "OpenVpn" or "ToyVPN" in android's sdk for some ref.
for some business application scenario, we need to make an application (or a background service/daemon) that sits on an Android device and is activated when person, using any Android browser, comes to a certain website. We control the website content and can put any HTML/javascript/something else in it if needed.
So the idea is that popup window with some message/choice is presented to the user when the user visits the website and clicks something. One idea, which I don't know if it is feasible, is to listen for all HTTP requests (if this hook exists somewhere in the SDK) and recognize an URL we are interested in, which would in turn trigger our application.
Any other ideas?
Kind regards,
Bozo
One idea, which I don't know if it is feasible, is to listen for all HTTP requests (if this hook exists somewhere in the SDK) and recognize an URL we are interested in, which would in turn trigger our application.
Fortunately, this is not possible.
You are welcome to create an application that has an activity with an <intent-filter> that identifies the URL you are interested in. Depending on how the user accesses the URL in question, they may get a choice of launching your app or one of their browsers. Users, of course, are perfectly welcome to ignore your app and load up the URL in a browser.
Any other ideas?
Any solution would represent a security flaw in Android. Hence, I sincerely hope that you fail in your quest.
You could write a proxy.
Orbot uses iptables to redirect to it's proxy service but it seems that not all Android distributions have the iptables module enabled so it might only work on rooted devices.
https://gitweb.torproject.org/orbot.git/tree/HEAD:/src/org/torproject/android
Following is the scenario:
I have an web application accessible via mobile browser.
I need to detect a mobile device IMEI and sim IMSI whenever an user clicks on link in my app page accessible via web browser. This is to track the same device with same SIM and provide him/her next level of access. User cannot be tracked using loginid as there is no user login kind of option in my page.
The question is how to get unique device id/sim id via mobile browser for a specific mobile device.
For now I am focusing on android based mobile devices. But the target is to make it generic to devices.
Focus of most of the ideas is, what is the kind of access a browser has over the phone and its app?
From a browser link we can open a local app in the following way:
Get Details
here productcateory will uniquely identify a local app and invoke it. But its one way communication. How to get back some response from the point of invocation and populate some hidden form field dynamically.
Via webpage scripts we can store some data locally at client machine and retrieve it later. but the scope is limited and it is no way connected to IMEI or IMSI number.
Is there a way to get a hook to mobile browser app(remember it's like any other mobile application) from the webpage and get the id details via scripts in my page?
Is there any option that html5 provides in this regard? I know there is a localstorage tag in HTML5 and one can store an id in the client location and retrieve it later. But this is limited to the same device and same mobile browser and also this is a different solution to get the imei/imsi number
Let me know if there is any other option without asking user to installing a local app or browser plugin on the device?
~inkriti
For very good reasons it is impossible for the web browser to access the IMEI or IMSI numbers of a mobile phone, without some dastardly hacking that the dev teams hadn't expected.
Also the android browser doesn't support plugins.
Your only option is to create a native app. This answer has some info that will be useful to you: Programmatically obtain the phone number of the Android phone. Its not a perfect solution however.
I would also ask why you want access to the users phone number? If its just to track session just use javascript to generate a unique id and store it in a cookie.
The original issue is probably closed, however for future reference of anyone (like myself) that comes across this question would be something like 2-factor registration with confirmation via text. The closest to getting an IMEI (impossible without native apps) would be to get the user to register and include a text confirmation - the mobile phone number in most cases will be unique, only non-unique when changing devices, and some assumptions can be made from the client-side to guess what device they have, you could even go a step further and ask them to identify the make/os of their device if you were that concerned about unique-ness. However in most use-cases a mobile number confirmation will do the job
The only reliable way is to write an app and have it send a SMS and then track the number on that end; assuming the subscriber has SMS/text service enabled. This won't work on non-phones (tablets).
It is not important, nor is it necessary and it is probably illegal to track the device (IMEI); simply track the subscriber.
You know there are internet providers that require log in though a website. Most common examples are the coffee shops, or airport points, or hotels.
It's ok for your laptop because you can use a browser and you are done, but what if you wanted to use your android apps in your phone? how you set the auth data to them?
does anybody knows an app which will allow me to do that? e.g. set the needed auth to let the rest of the apps run without a problem.. I'm thinking of a proxy but not sure if it is what i need here..
thanks!
The way those authentication points work is that most traffic through the access point are dropped until the user opens their browser. The browser's HTTP request is ignored and the gateway page is displayed instead, and once the user accepts the terms of service, or pays, or whatever, the packet filter is disabled for your device.
This means that an app that's authenticated to the hotspot can run any kind of application over the network without the application being aware of the hotspot's specific security model. However, it does mean that you'd need to put a browser in your app and use some fairly fuzzy logic to determine when to show it.
Most of the time, the user will know when he or she is using this type of provider and will know to login through the android browser first.
I want to hide our Android application from remote Device Access like TeamViewer, anyDesk for security reasons.
Requirement is when user phone is given for remote access, if my application is opens then other person has to see black screen instead of my app.
For example:-
In Mobile A has my app let's say ABC App, Now Mobile A given remote access to Mobile B.Now when Mobile A opens ABC App then Mobile B has to see black screen instead of ABC App.
If FLAG_SECURE does not work (it is blocking screenshots and screencasts but not blocking a particular remote-support app), then the remote-support app vendor has partnered with the device manufacturer for low-level access (e.g., direct access to framebuffers). There are no defenses against this.
The best that you can do is try to come up with a blacklist of apps, use PackageManager to see if any of those apps are installed, and refused to show various screens in your app until the user uninstalls those other apps.
The best that you can try getWindow().getWindowManager() before setContentView() on Activity which you don't want to share. This will protect the screen.