Prev
The process of the hierarchy dump in android
The simple overview of ui dump process in android is like the following figure:
(2 years ago, I was involved in the project that developed the android test automation tool.)
The related source code is as below:
-----------------------------------------------------------------------------------
ViewServer.java
-----------------------------------------------------------------------------------
class ViewServer implements Runnable {
private final WindowManagerService mWindowManager;
class ViewServerWorker implements Runnable, WindowManagerService.WindowChangeListener {
private Socket mClient;
private boolean mNeedWindowListUpdate;
private boolean mNeedFocusedWindowUpdate;
public ViewServerWorker(Socket client) {
mClient = client;
mNeedWindowListUpdate = false;
mNeedFocusedWindowUpdate = false;
}
public void run() {
BufferedReader in = null;
try {
in = new BufferedReader(new InputStreamReader(mClient.getInputStream()), 1024);
final String request = in.readLine();
String command;
String parameters;
int index = request.indexOf(' ');
if (index == -1) {
command = request;
parameters = "";
} else {
command = request.substring(0, index);
parameters = request.substring(index + 1);
}
boolean result;
if (COMMAND_PROTOCOL_VERSION.equalsIgnoreCase(command)) {
result = writeValue(mClient, VALUE_PROTOCOL_VERSION);
} else if (COMMAND_SERVER_VERSION.equalsIgnoreCase(command)) {
result = writeValue(mClient, VALUE_SERVER_VERSION);
} else if (COMMAND_WINDOW_MANAGER_LIST.equalsIgnoreCase(command)) {
result = mWindowManager.viewServerListWindows(mClient);
} else if (COMMAND_WINDOW_MANAGER_GET_FOCUS.equalsIgnoreCase(command)) {
result = mWindowManager.viewServerGetFocusedWindow(mClient);
} else if (COMMAND_WINDOW_MANAGER_AUTOLIST.equalsIgnoreCase(command)) {
result = windowManagerAutolistLoop();
} else {
result = mWindowManager.viewServerWindowCommand(mClient,command, parameters);
}
// ...
}
}
}
-----------------------------------------------------------------------------------
WindowManagerService.java
-----------------------------------------------------------------------------------
https://android.googlesource.com/platform/frameworks/base/+/master/services/java/com/android/server/wm/WindowManagerService.java
public class WindowManagerService extends IWindowManager.Stub
implements Watchdog.Monitor, WindowManagerPolicy.WindowManagerFuncs,
DisplayManagerService.WindowManagerFuncs, DisplayManager.DisplayListener {
boolean viewServerWindowCommand(Socket client, String command, String parameters) {
// Any uncaught exception will crash the system process
try {
// Find the hashcode of the window
int index = parameters.indexOf(' ');
if (index == -1) {
index = parameters.length();
}
final String code = parameters.substring(0, index);
int hashCode = (int) Long.parseLong(code, 16);
// Extract the command's parameter after the window description
if (index < parameters.length()) {
parameters = parameters.substring(index + 1);
} else {
parameters = "";
}
final WindowState window = findWindow(hashCode);
if (window == null) {
return false;
}
data = Parcel.obtain();
data.writeInterfaceToken("android.view.IWindow");
data.writeString(command);
data.writeString(parameters);
data.writeInt(1);
ParcelFileDescriptor.fromSocket(client).writeToParcel(data, 0);
reply = Parcel.obtain();
final IBinder binder = window.mClient.asBinder();
// TODO: GET THE TRANSACTION CODE IN A SAFER MANNER
binder.transact(IBinder.FIRST_CALL_TRANSACTION, data, reply, 0);
}
}
-----------------------------------------------------------------------------------
WindowState.java
-----------------------------------------------------------------------------------
https://android.googlesource.com/platform/frameworks/base/+/master/services/java/com/android/server/wm/WindowState.java
import android.view.IWindow;
final class WindowState implements WindowManagerPolicy.WindowState {
final IWindow mClient;
}
-----------------------------------------------------------------------------------
IWindow.aidl
-----------------------------------------------------------------------------------
https://android.googlesource.com/platform/frameworks/base/+/master/core/java/com/android/internal/view/BaseIWindow.java
oneway interface IWindow {
void executeCommand(String command, String parameters, in ParcelFileDescriptor descriptor);
}
-----------------------------------------------------------------------------------
ViewRootImpl.java
-----------------------------------------------------------------------------------
https://android.googlesource.com/platform/frameworks/base/+/17d28ca/core/java/android/view/ViewRootImpl.java
public final class ViewRootImpl implements ViewParent,
View.AttachInfo.Callbacks, HardwareRenderer.HardwareDrawCallbacks {
static class W extends IWindow.Stub {
@Override
public void executeCommand(String command, String parameters, ParcelFileDescriptor out) {
final ViewRootImpl viewAncestor = mViewAncestor.get();
if (viewAncestor != null) {
final View view = viewAncestor.mView;
if (view != null) {
if (checkCallingPermission(Manifest.permission.DUMP) !=
PackageManager.PERMISSION_GRANTED) {
throw new SecurityException("Insufficient permissions to invoke"
+ " executeCommand() from pid=" + Binder.getCallingPid()
+ ", uid=" + Binder.getCallingUid());
}
OutputStream clientStream = null;
try {
clientStream = new ParcelFileDescriptor.AutoCloseOutputStream(out);
ViewDebug.dispatchCommand(view, command, parameters, clientStream);
} catch (IOException e) {
e.printStackTrace();
} finally {
if (clientStream != null) {
try {
clientStream.close();
} catch (IOException e) {
e.printStackTrace();
}
}
}
}
}
}
}
}
-----------------------------------------------------------------------------------
ViewDebug.java
-----------------------------------------------------------------------------------
https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/view/ViewDebug.java
/**
* Various debugging/tracing tools related to {@link View} and the view hierarchy.
*/
class ViewDebug
{
void dispatchCommand(View view, String command, String parameters,
OutputStream clientStream) throws IOException {
if (REMOTE_COMMAND_DUMP.equalsIgnoreCase(command)) {
dump(view, false, true, clientStream);
}
/**
* Dumps the view hierarchy starting from the given view.
* @hide
*/
public static void dump(View root, boolean skipChildren, boolean includeProperties,
OutputStream clientStream) throws IOException {
BufferedWriter out = null;
try {
out = new BufferedWriter(new OutputStreamWriter(clientStream, "utf-8"), 32 * 1024);
View view = root.getRootView();
if (view instanceof ViewGroup) {
ViewGroup group = (ViewGroup) view;
dumpViewHierarchy(group.getContext(), group, out, 0,
skipChildren, includeProperties);
}
out.write("DONE.");
out.newLine();
} catch (Exception e) {
android.util.Log.w("View", "Problem dumping the view:", e);
} finally {
if (out != null) {
out.close();
}
}
}
private static void dumpViewHierarchy(Context context, ViewGroup group,
BufferedWriter out, int level, boolean skipChildren, boolean includeProperties) {
if (!dumpView(context, group, out, level, includeProperties)) {
return;
}
if (skipChildren) {
return;
}
final int count = group.getChildCount();
for (int i = 0; i < count; i++) {
final View view = group.getChildAt(i);
if (view instanceof ViewGroup) {
dumpViewHierarchy(context, (ViewGroup) view, out, level + 1, skipChildren,
includeProperties);
} else {
dumpView(context, view, out, level + 1, includeProperties);
}
if (view.mOverlay != null) {
ViewOverlay overlay = view.getOverlay();
ViewGroup overlayContainer = overlay.mOverlayViewGroup;
dumpViewHierarchy(context, overlayContainer, out, level + 2, skipChildren,
includeProperties);
}
}
if (group instanceof HierarchyHandler) {
((HierarchyHandler)group).dumpViewHierarchyWithProperties(out, level + 1);
}
}
}
How to search android source using google
Use site option as below:
windowmanageservice site:android.googlesource.com/platform/frameworks/base/
Without cpp file
windowmanageservice site:android.googlesource.com/platform/frameworks/base/ -cpp
This search doesn't catch the contents of the source, so just use to reach latest or specific version of android source file.
The following site is really helpful to find something inside android and kernel source!
This site uses OpenGrok internally. 2 years ago I also used this.
Additional References : Set Opengrok Up
Free wireframing set for powerpoint
Source : http://designmodo.com/windows-8-wireframe/
The wireframing set is available as a .pptx file that you can download using the link below:
It is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License.
Screen shots:
windows-8-wireframing-set.zip.pptx
How to change chef-server's nginx configure
There are two ways to achieve this.
First is to use nginx's config file directly. chef-server's nginx config file is located under
/var/opt/chef-server/nginx/etc/nginx.conf |
After changing some settings, restart chef-server as below:
sudo chef-server-ctl restart |
Second is to use chef-server.rb file instead of using nginx.conf file
This file is located under /etc/chef-server. If it doesn't exist, just create it. put some values you want in it as below:
nginx['ssl_port'] = 449 |
To see the more detailed information about this, visit the following link:
http://docs.opscode.com/config_rb_chef_server_optional_settings.html
After specifying some options, run the following commands to apply those.
sudo chef-server-ctl reconfigure sudo chef-server-ctl restart |
just type following command
sudo su
and use cd command.
https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project
WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
WebScarab operates as an intercepting proxy, allowing the operator to review and modify requests created by the browser before they are sent to the server, and to review and modify responses returned from the server before they are received by the browser.
It's very simple to check what kind of methods are available on target site using telnet.
This example assumes that you are using windows.
1. Run cmd.exe after typing Windows + R keys
2, Check if the telnet client is installed by typing 'telnet' as below.
If it's installed, following message will be shown
If not, install it first.
3. Enter following command:
telnet [server url or ip address] 80
4. Enter the following text after changing host info according to yours
OPTIONS / HTTP/1.1 Host: [server url or ip address] |
This example used the following text
OPTIONS / HTTP/1.1 Host: 192.168.0.6 |
After sending this text, the result will be shown as below:
For the HTTP 1.0, following text can be used as text
OPTIONS * HTTP/1.0 |
Note: Some famous sites such as naver and other portals was already prohibited to this kind of access.
But we can find out naver is using nginx as its HTTP server.
In computing, DMZ term is often used over networks.
DMZ is the very term that we know it as military related. Its full spells are "demilitarized zone". Korean is '비무장 지대'.
From Wikipedia
In computer security, a DMZ or Demilitarized Zone (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization's external-facing services to a larger and untrusted network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's local area network(LAN); an external attacker only has direct access to equipment in the DMZ, rather than any other part of the network. |
내부 네트워크와 외부 네트워크가 DMZ로 연결할 수 있도록 허용하면서도, DMZ 내의 컴퓨터는 오직 외부 네트워크에만 연결할 수 있도록 한다는 점이다. 즉 DMZ 안에 있는 호스트들은 내부 네트워크로 연결할 수 없다. 이것은 DMZ에 있는 호스트들이 외부 네트워크로 서비스를 제공하면서 DMZ 안의 호스트의 칩입으로부터 내부 네트워크를 보호한다. 내부 네트워크로 불법적 연결을 시도하는 외부 네트워크의 누군가가 있다면, DMZ는 그들에게 막다른 골목이 된다. |
From Wikipedia
Cross-site request forgery, also known as a one-click attack or session riding and abbreviated as CSRF (sometimes pronounced sea-surf[1]) or XSRF, is a type of malicious exploit of a website whereby unauthorized commands are transmitted from a user that the website trusts.[2] Unlike cross-site scripting (XSS), which exploits the trust a user has for a particular site, CSRF exploits the trust that a site has in a user's browser. |
To understand difference between XSS and CSRF, read the highlighted sentences with color.
Rss Feed