Skip to content

Commit

Permalink
Prevent clickjacking of superuser requests
Browse files Browse the repository at this point in the history 
Enable filterTouchesWhenObscured on the accept request button to prevent
possible clickjacking attacks. This is a measure used in many sensitive
dialogs (app installation, backup & VPN) in AOSP.
  • Loading branch information
@veeti
veeti committed Jul 18, 2014
1 parent 6972532 commit c0fdfc2
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions Superuser/res/layout/request.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -119,6 +119,7 @@
android:layout_height="wrap_content"
android:layout_weight="1"
android:enabled="false"
android:filterTouchesWhenObscured="true"
android:text="@string/allow" />
</LinearLayout>

Expand Down

2 comments on commit c0fdfc2

@tonysanjaya
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sip

@stupidmfr8111
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fin

Please sign in to comment.