一、注意事項1、顯式設定exported屬性為false。@[email protected]、安全處理收到的intent,确認其真實性。@[email protected]、敏感資料可以在同一個應用中發送和請求。
二、原代碼示例
1.AndroidManifest.xml<?xml version="1.0" encoding="utf-8"?>@[email protected] @[email protected]@[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected] @[email protected]
2.PrivateStartService.javapackage org.jssec.android.service.privateservice;@[email protected] @[email protected] android.app.Service;@[email protected] android.content.Intent;@[email protected] android.os.IBinder;@[email protected] android.widget.Toast;@[email protected] @[email protected] class PrivateStartService extends Service {@[email protected] @[email protected] // The onCreate gets called only one time when the service [email protected]@ @[email protected]@ public void onCreate() {@[email protected] Toast.makeText(this, "PrivateStartService - onCreate()", Toast.LENGTH_SHORT).show();@[email protected] }@[email protected] @[email protected] // The onStartCommand gets called each time after the startService gets [email protected]@ @[email protected]@ public int onStartCommand(Intent intent, int flags, int startId) {@[email protected] // *** POINT 2 *** Handle the received intent carefully and securely,@[email protected] // even though the intent was sent from the same [email protected]@ // Omitted, since this is a sample. Please refer to "3.2 Handling Input Data Carefully and Securely."@[email protected] String param = intent.getStringExtra("PARAM");@[email protected] Toast.makeText(this,@[email protected] String.format("PrivateStartService¥nReceived param: ¥"%s¥"", param), Toast.LENGTH_LONG).show();@[email protected] return Service.START_NOT_STICKY;@[email protected] }@[email protected] @[email protected] // The onDestroy gets called only one time when the service stops. @[email protected]@ public void onDestroy() {@[email protected] Toast.makeText(this, "PrivateStartService - onDestroy()", Toast.LENGTH_SHORT).show();@[email protected] }@[email protected] @[email protected] @[email protected]@ public IBinder onBind(Intent intent) { @[email protected] // This service does not provide binding, so return [email protected]@ return null;@[email protected] }@[email protected]}
3.安全使用PrivateUserActivity.java - (1、在同一個程式中,使用顯式intent調用service、2、第三資訊可以發送給同一個應用中的目标service、3、處理收到的結果資料,确認真實性和可用性)package org.jssec.android.service.privateservice;@[email protected] @[email protected] android.app.Activity;@[email protected] android.content.Intent;@[email protected] android.os.Bundle;@[email protected] android.view.View;@[email protected] @[email protected] class PrivateUserActivity extends Activity {@[email protected] @[email protected] @[email protected]@ public void onCreate(Bundle savedInstanceState) {@[email protected] super.onCreate(savedInstanceState);@[email protected] setContentView(R.layout.privateservice_activity);@[email protected] }@[email protected] @[email protected] // --- StartService control [email protected]@ @[email protected] public void onStartServiceClick(View v) {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateStartService.class);@[email protected] @[email protected] // *** POINT 5 *** Sensitive information can be sent since the destination service is in the same [email protected]@ intent.putExtra("PARAM", "Sensitive information");@[email protected] @[email protected] startService(intent);@[email protected] }@[email protected] @[email protected] public void onStopServiceClick(View v) {@[email protected] doStopService();@[email protected] }@[email protected] @[email protected] @[email protected]@ public void onStop() {@[email protected] super.onStop();@[email protected] // Stop service if the service is [email protected]@ doStopService();@[email protected] }@[email protected] @[email protected] private void doStopService() {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateStartService.class);@[email protected] stopService(intent);@[email protected] }@[email protected] @[email protected] // --- IntentService control [email protected]@ @[email protected] public void onIntentServiceClick(View v) {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateIntentService.class);@[email protected] @[email protected] // *** POINT 5 *** Sensitive information can be sent since the destination service is in the same [email protected]@ intent.putExtra("PARAM", "Sensitive information");@[email protected] @[email protected] startService(intent);@[email protected] }@[email protected]}
三、安全代碼示例1、在同一個程式中,使用顯式intent調用service。@[email protected]、第三資訊可以發送給同一個應用中的目标service。@[email protected]、處理收到的結果資料,确認真實性和可用性。[email protected]@ @[email protected] org.jssec.android.service.privateservice;@[email protected] @[email protected] android.app.Activity;@[email protected] android.content.Intent;@[email protected] android.os.Bundle;@[email protected] android.view.View;@[email protected] @[email protected] class PrivateUserActivity extends Activity {@[email protected] @[email protected] @[email protected]@ public void onCreate(Bundle savedInstanceState) {@[email protected] super.onCreate(savedInstanceState);@[email protected] setContentView(R.layout.privateservice_activity);@[email protected] }@[email protected] @[email protected] // --- StartService control [email protected]@ @[email protected] public void onStartServiceClick(View v) {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateStartService.class);@[email protected] @[email protected] // *** POINT 5 *** Sensitive information can be sent since the destination service is in the same [email protected]@ intent.putExtra("PARAM", "Sensitive information");@[email protected] @[email protected] startService(intent);@[email protected] }@[email protected] @[email protected] public void onStopServiceClick(View v) {@[email protected] doStopService();@[email protected] }@[email protected] @[email protected] @[email protected]@ public void onStop() {@[email protected] super.onStop();@[email protected] // Stop service if the service is [email protected]@ doStopService();@[email protected] }@[email protected] @[email protected] private void doStopService() {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateStartService.class);@[email protected] stopService(intent);@[email protected] }@[email protected] @[email protected] // --- IntentService control [email protected]@ @[email protected] public void onIntentServiceClick(View v) {@[email protected] // *** POINT 4 *** Use the explicit intent with class specified to call a service in the same [email protected]@ Intent intent = new Intent(this, PrivateIntentService.class);@[email protected] @[email protected] // *** POINT 5 *** Sensitive information can be sent since the destination service is in the same [email protected]@ intent.putExtra("PARAM", "Sensitive information");@[email protected] @[email protected] startService(intent);@[email protected] }@[email protected]}