当前位置: 文江博客话题详情

如何检查是否使用本机/硬件键盘?

发布于 2024-12-16 11:49:16 字数 896 浏览 1 评论 0原文

我想检查是否使用了本机/硬件键盘,如果可能的话我想禁用第三方键盘。

我的目标很简单,我只使用本机 android 软键盘在编辑框中输入值,其他键盘不应该能够做到这一点

谢谢

编辑

我知道做我正在尝试的事情不是一个好主意要做到这一点,我知道android的基本思想是拥有意图、活动和服务,它们知道根据意图过滤器处理某些类型的意图。但这在每条规则中都有一个例外,尤其是当我们谈论安全时。

我想禁用所有第三方键盘,如果无法使用某些 API 或其他东西来做到这一点......这个问题有什么解决方法吗?

编辑

String s=Settings.Secure.getString(getContentResolver(), Settings.Secure.DEFAULT_INPUT_METHOD);

这将返回当前启用的输入法(键盘),但我需要类似“系统键盘”的东西,但我没有看到任何类似的标志:-(。

List<InputMethodInfo> list = m.getInputMethodList();

一种可能的解决方案是采用列表[0] 作为我正在搜索的键盘,但我不想转发订单(除非订单保证索引为 0 的键盘始终是随手机安装的键盘),

这是列表的值

[InputMethodInfo{com.htc.android.htcime/.HTCIMEService, settings: com.htc.android.htcime.HTCIMESettings}, InputMethodInfo{com.volosyukivan/.WiFiInputMethod, settings: null}]
原文

I want to check if the native/hardware keyboard is used, and also if possible I want to disable the third party keyboards.

My goal is simple I use just the native android soft keyboard for entering values in my edit boxes and no other keyboard should be able to this

Thanks

EDIT

I know it is not good idea to do what I am trying to do, I know that the basic idea of android is to have intents and activities and services who know to handle some types of intent according intent-filter. But this in every rule there is an exception, especially when we talk about security.

I want to disable all third party keyboards, and if this is not possible to do it with some API or something... is there any workaround to this problem ?

EDIT

String s=Settings.Secure.getString(getContentResolver(), Settings.Secure.DEFAULT_INPUT_METHOD);

This returns the currently enabled input method (keyboard),but I need something like the 'system keyboard' and I do not see any flag like that :-(.

List<InputMethodInfo> list = m.getInputMethodList();

One possible solution is to take the list[0] as the keyboard I am searching, but I do not want to relay on the order (except if the order is garanteed that always the keyboard with index 0 is the one that comes install with the phone)

this is the value of list

[InputMethodInfo{com.htc.android.htcime/.HTCIMEService, settings: com.htc.android.htcime.HTCIMESettings}, InputMethodInfo{com.volosyukivan/.WiFiInputMethod, settings: null}]

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(3

年少掌心 2024-12-23 11:49:16

像这样的东西应该让您检查用户是否使用非标准键盘。但是,与其阻止他们使用此键盘,不如提供有关可能的安全风险的有用警告消息怎么样?

public boolean isUsingCustomInputMethod() {
    InputMethodManager imm = (InputMethodManager) mCtx.getSystemService(
        Context.INPUT_METHOD_SERVICE);
    List<InputMethodInfo> mInputMethodProperties = imm.getEnabledInputMethodList();
    final int N = mInputMethodProperties.size();
    for (int i = 0; i < N; i++) {
        InputMethodInfo imi = mInputMethodProperties.get(i);
        if (imi.getId().equals(
            Settings.Secure.getString(mCtx.getContentResolver(),
                    Settings.Secure.DEFAULT_INPUT_METHOD))) {
            if ((imi.getServiceInfo().applicationInfo.flags & 
                ApplicationInfo.FLAG_SYSTEM) == 0) {
                return true;
            }
        }
    }
    return false;
}

Something like this should let you check if the user is using a non-standard keyboard. However, instead of preventing them using this keyboard, how about a helpful warning message about the possible security risks?

public boolean isUsingCustomInputMethod() {
    InputMethodManager imm = (InputMethodManager) mCtx.getSystemService(
        Context.INPUT_METHOD_SERVICE);
    List<InputMethodInfo> mInputMethodProperties = imm.getEnabledInputMethodList();
    final int N = mInputMethodProperties.size();
    for (int i = 0; i < N; i++) {
        InputMethodInfo imi = mInputMethodProperties.get(i);
        if (imi.getId().equals(
            Settings.Secure.getString(mCtx.getContentResolver(),
                    Settings.Secure.DEFAULT_INPUT_METHOD))) {
            if ((imi.getServiceInfo().applicationInfo.flags & 
                ApplicationInfo.FLAG_SYSTEM) == 0) {
                return true;
            }
        }
    }
    return false;
}
回复 原文
北陌 2024-12-23 11:49:16

我想检查是否使用了本机/硬件键盘

您可以使用Configuration对象来查看设备的硬件键盘是否被隐藏。通常,这意味着他们正在使用该键盘,因为大多数设备在硬件键盘可用时不会显示 IME。但是,某些设备可能同时支持两者,并且我不知道外部键盘(USB、蓝牙)如何与该值交互。

如果可能的话,我想禁用第三方键盘。

幸运的是,这是不可能的。

这个问题有解决办法吗?

问题中到目前为止没有提到任何问题。

是的,他们会不高兴,但如果你让他们的安全数据被破坏,他们会更不高兴

如果用户选择使用替代键盘,这是他们作为用户的选择。如果用户愿意,他们完全可以切换键盘。用户完全有能力做出这些决定。由于设备加载了来自该因素的间谍软件,例如 CarrierIQ。因此,您认为通过攻击用户的键盘选择来提高安全性的假设从根本上是有缺陷的。

当然,您根本不必支持使用任何键盘,从而迫使用户使用您自己设计的某种屏幕输入选项。这也不是完全安全的(例如,窃听攻击),并且对于出于特定原因选择某些第三方键盘的人(例如,盲人用户、有电机控制问题的用户)可能会导致可用性问题。

我不知道有一种方法可以明确确定固件自己的 IME 是什么,特别是因为这因设备和固件而异。

I want to check if the native/hardware keyboard is used

You can use the Configuration object to see if the device's hardware keyboard is hidden. Usually, that would imply they are using that keyboard, since most devices do not show an IME when the hardware keyboard is available. However, some devices might support both simultaneously, and I don't know how external keyboards (USB, Bluetooth) interact with this value.

also if possible I want to disable the third party keyboards.

Fortunately, this is not possible.

is there any workaround to this problem ?

There is no problem cited to this point in the question.

yes the will not be happy, but they will be much more unhappy if you let their secure data to be corrupt

If users choose to use an alternative keyboard, that is their choice as users. The user is perfectly capable of switching keyboards if they wish. The user is perfectly capable of making these decisions. It is entirely possible that an alternative keyboard is more secure than a built-in one, due to devices loaded with spyware from the factor, such as CarrierIQ. Hence, your assumption that you are improving security by attacking the user's choice of keyboard is fundamentally flawed.

Of course, you do not have to support using any keyboard at all, forcing users to use some sort of on-screen input option that you devise yourself. This is not completely secure either (e.g., tapjacking attacks), and it may cause usability problems for people who chose certain third-party keyboards for specific reasons (e.g., blind users, users with motor control issues).

I am not aware that there is a way to definitively determine what the firmware's own IME is, particularly since this varies by device and firmware.

回复 原文
傾旎 2024-12-23 11:49:16

我找到精确的解决方案

InputMethodManager m = (InputMethodManager) ctx.getSystemService("input_method");
List<InputMethodInfo> a = m.getInputMethodList();
for (InputMethodInfo inputMethodInfo : a) {
        if (inputMethodInfo.getIsDefaultResourceId() == 0) {
            //it is not default
            return false;
        }
}
//it is default
return true;

I find precise solution

InputMethodManager m = (InputMethodManager) ctx.getSystemService("input_method");
List<InputMethodInfo> a = m.getInputMethodList();
for (InputMethodInfo inputMethodInfo : a) {
        if (inputMethodInfo.getIsDefaultResourceId() == 0) {
            //it is not default
            return false;
        }
}
//it is default
return true;
回复 原文
~没有更多了~

关于作者

倚栏听风

暂无简介

文章
评论
585 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

勿忘初心

文章 0 评论 0

Ransom

文章 0 评论 0

似最初

文章 0 评论 0

痴者

文章 0 评论 0

不再见

文章 0 评论 0

Thera

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文