I'd like to access (and change) settings of the stock android browser via code. Is it possible, and if so - how?
YES, it's programming question - i'd like to change it by code, not by manual clicking.
What about doing it for rooted device?
Android's operating system level security model basically prevents this. Your program would need to run as the same user ID as the browser or as the superuser, which is not possible unless you have the certificate used to sign the browser or your application is only for rooted phones.
In the unlikely event that one of these is the case, you would ensure the browser is not running and then simply change its private databases. Looking at the browser source should reveal anything that's not clear about the databases and any other places it might be storing things.
With some work, you could make an alternative browser that is a near twin of the stock one but either cooperates by providing an API for programmatic settings changes, or is signed with a certificate you do possess, so that your other program can establish a shared user id with it and change its settings db.
Related
We are working on a secure app in which we share secure data with corporate users. Since the data needs to be secured and the user shouldn't be able to copy the data.
The issue is, using Samsung Knox, we can disable copy-paste for all apps and also block clipboard sharing between apps(https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/restriction/RestrictionPolicy.html#allowClipboardShare(boolean))
but the issue is: this is not what we want.
What we need is: users should be able to copy text from our app and use it internally in our app. but the same copied data shouldn't be accessible to other apps. and text copied in another app should be accessible to our app.
mostly this app will be having web views.
Any options I can manage this? any mechanism we can implement our own copy-paste context menu or something?
Any inputs...??
Android Enterprise has a policy that can limit clipboard sharing between the work and personal profile: CrossProfileCopyPaste.
It is not exactly what you are asking for because this will allow to use the same clipboard within the work profile, but you cannot copy content from the work profile to the personal one.
Create SEAMS container on Samsung device and apply restriction for Clipboard share. This is same concept from Linux where apps are added to categories and we can define granular policies.
https://docs.samsungknox.com/dev/knox-sdk/container-seams.htm
https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/seams/SEAMSPolicy.html
While this have been deprecated since Android 30 its still working now and i hope Google shall provide similar policies in Android in future.
I get this question when I was looking in any banking,
payment-related apps show a specific icon that indicates a secure environment.
I search on google but I didn't find anything on there.
please check the below screenshot to better understand.
I come across similar question as well, there is no much information about this, firstly I saw this in Samsung S-pay website saying:
A Secure Environment is a physically segregated chip in the phone
which only allows access to highly sensitive operations/information
such as fingerprint and payment information. Normal applications and
malware have no access to the information in a Secure Environment.
If you search more with the keyword Trusted Execution Environment, then you can realize it is a security standard specified in mobile environment. Like this.
So when your Android code are being executed in Trusted Execution Environment, then the "Secure Environment" sign will appear in the app bar to inform you that you are in secure transaction. As per my observation, it is mostly appear when we are using our fingerprint, that actually make sense as accessing fingerprint (or pin) require higher security standard.
best regards from Venezuela, I am new to stackoverflow, and this is my first question on this site.
This question will be long because I am providing a lot of detail, so this question is as clear as possible.
Brief introduction.
I have created an app that runs on Android devices, this app allows you to share files between devices that are connected to the same WI-FI network. but with a different methodology to that used by apps that are intended to fulfill this same purpose.
On the device where my app is running (which we will named device one), a url similar to http://192.168.1.102:7898 is generated, and said url must be entered in a web browser installed on the device with which you want to share the files (which we will named device two).
The main purpose is to offer a way to share files between devices, using WI-FI. without the need for device two, my app has to be installed.
You can find more information in https://labs.xda-developers.com/store/app/com.tecnoelias.ipfiles
...
So far everything works fine. But, it is annoying that every time someone wants to share files using my app, on device two, they have to enter the url described above. keeping in mind that said url will change as the WI-FI router decides, and therefore, you should not use shortcuts to the url (bookmarks or navigation history).
Having said all this, the following question arises.
Is there a way to get device two to access that url without having to type it manually by the user?
To accomplish this, three ideas occurred to me.
1: Generate a QR code in the app. but this requires that on device two, an additional app is installed that can read QR codes. which violates my purpose.
2: Implement in the app, a mechanism that allows you to find other devices that my app is working on, and in this way, interact with those devices (through my app, similar to how other file transfer apps do). This is a good idea, but it nevertheless requires that my app be installed on both devices.
3: My third idea and the one I would like to implement is the following:
On device one, it will open my app and then activate it.
When the app is activated, the app will search for other devices that are connected to the same WI-FI network, until it finds device two.
If successful, a SOMEWHAT will be sent programmatically to the device two, that SOMEWHAT can be, a message, a bit, a data packet, or anything else that helps to realize this idea .
After device two receives that SOMEWHAT, it will show a notification or a pop-up window, which will allow access to the url generated in my app (on device one).
Consider two things. 1: NO additional app MUST be installed on device two. and 2: Because device two can be running any operating system, the SOMEWHAT will be a different mechanism for each operating system, (operating systems can be, Android, IOS, BlackBerry, Symbian, Windows Phone, Windows, Linux, Mac, among others).
If for example, device two, runs Android 10 (not rooted), and has the most common applications installed, which can be: WhatsApp, Facebook Messeinger, Google Play Services, other Google apps, and system applications.
My thought is that you should be able to use one of those apps, to receive the url, and after clicking on that url, the web browser will open, and then it will load the corresponding webpage (which in this case, is to access the files shared by device one, through my app).
Any ideas?
You can give me your opinion, some code, or you can just tell me that this can't be accomplished.
Any response or suggestion are appreciated.
I am thinking of building a new tab page for chrome which works for both desktop and mobile devices. I know that the chrome extensions do not work for mobile devices but the mobile app can be integrated with other apps on the mobile device as found here. Hence, I was thinking whether an android app can be used as a workaround which overrides the new tab page. Is this possible? If yes, how?
What you want is not possible if the Google chrome does not provide you an API for that. It is because all the Android applications are prepared to be as a single app package that can't know anything about other apps but the things the OS (Android) provides to them. For example, you can query the OS to know what apps can answer to a question (Intent) like: "Who can open an email?".
Imagine what would happen if what you want could be possible. I am an attacker that for some reason wants to inject a behavior in another app. This app can't have the control of what it is doing anymore and we can inject, bypass permissions or whatever, without the user agreement.
However, some kind of modifications of this type can be done by adding some files in a rooted device. Anyway, this is a complex situation and something that cannot suit your needs.
I want to deploy an Android app in a similar fashion as the Wireless, Over-The-Air method that exists for iOS devices. That is, setup a web page and the user clicks a link from his device that includes the manifest (xml) file, containing information on how to download the app. This works well on iOS devices, and I thought Android may have something similar.
How do I go about this?
Thank you for any help.
Please the comments above. Have the correct MIME settings, link to the apk, and make sure unknown sources is checked on the device to allow non-market apps.
Since you seem to imply an app market / store is not involved in the iOS case, it seems you might be talking about an offline-cacheable "web app" rather than a native iOS application.
The android equivalent is: on devices where the offline web app capability exists, just visit the same web page (referencing an html5 manifest with appropriate mime type, etc) you are using for iOS. Perhaps you will ultimately end up with platform-specific refinements, but the basic idea is portable.
Or perhaps you just mean that a desktop/laptop need not be used to open obtain the app. On Android, that has been the case since day 1 - the primary market client is on the device, with over-the-air install. You can send an android device to the market with a market:// url. The ability to trigger an install from a web browser running on something other than the device is a more recent and still secondary capability on android.
Finally, android does offer the ability to side load native applications, something that has no iOS equivalent outside of jailbreaking or having a developer account. Most of the responses seem to concentrate on this, but it's not clear if that is what you are actually asking for.