Untrusted touch due to occlusion by windowName Android

Summary

The issue of Untrusted touch due to occlusion arises when an Android app attempts to overlay a layer on top of the mobile screen, such as a blue light filter, and the system flags the touch event as untrusted. This occurs due to security changes in Android, affecting the app’s functionality on certain versions.

Root Cause

The root cause of this issue is the use of WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE in conjunction with the overlay layer. This flag prevents the overlay from receiving touch events, but when removed, the underlying UI elements become inaccessible to touch. The key causes are:

  • Use of WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE
  • Overlay layer occluding the underlying UI elements
  • Android’s security mechanisms flagging the touch event as untrusted

Why This Happens in Real Systems

This issue occurs in real systems due to the following reasons:

  • Security changes in Android: Recent updates have introduced stricter security measures to prevent malicious apps from intercepting touch events.
  • Overlay layer implementation: The app’s implementation of the overlay layer, using WindowManager.LayoutParams, can lead to conflicts with the system’s security mechanisms.
  • Flag usage: The use of specific flags, such as WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE, can have unintended consequences on the app’s behavior.

Real-World Impact

The real-world impact of this issue includes:

  • Functional limitation: The app’s functionality is limited, as the overlay layer prevents touch events from reaching the underlying UI elements.
  • User frustration: Users may experience frustration due to the inability to interact with the app as intended.
  • Security concerns: The app’s behavior may raise security concerns, as the system flags the touch event as untrusted.

Example or Code

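import android.graphics.PixelFormat;
import android.os.Build;
import android.view.WindowManager;

// HEIGHT is the overlay height in pixels, defined elsewhere in the app.
WindowManager.LayoutParams params = new WindowManager.LayoutParams(
    WindowManager.LayoutParams.MATCH_PARENT,
    HEIGHT,
    // TYPE_SYSTEM_OVERLAY is used before Android O, TYPE_APPLICATION_OVERLAY from O onwards.
    Build.VERSION.SDK_INT < Build.VERSION_CODES.O ?
        WindowManager.LayoutParams.TYPE_SYSTEM_OVERLAY :
        WindowManager.LayoutParams.TYPE_APPLICATION_OVERLAY,
    // FLAG_NOT_TOUCHABLE is not set here, so the overlay itself receives the touches.
    WindowManager.LayoutParams.FLAG_NOT_FOCUSABLE |
    WindowManager.LayoutParams.FLAG_NOT_TOUCH_MODAL |
    WindowManager.LayoutParams.FLAG_LAYOUT_IN_SCREEN |
    WindowManager.LayoutParams.FLAG_DIM_BEHIND,
    PixelFormat.TRANSLUCENT);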

How Senior Engineers Fix It

Senior engineers can fix this issue by:

  • Revising the overlay layer implementation: Using alternative methods to achieve the desired functionality, such as using a FrameLayout or RelativeLayout to manage the overlay and underlying UI elements.
  • Adjusting flag usage: Carefully selecting the flags used in the WindowManager.LayoutParams to ensure compatibility with the system’s security mechanisms.
  • Implementing touch event forwarding: Forwarding touch events from the overlay layer to the underlying UI elements, using methods such as onTouchEvent or dispatchTouchEvent.
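
One way to apply the flag-adjustment fix above, as an added example that is not code from the original page. It assumes the Android 12 (API 31) rule that touches passing through another app's FLAG_NOT_TOUCHABLE overlay are dropped when the overlay's opacity exceeds InputManager.getMaximumObscuringOpacityForTouch(), and that the tint comes from the overlay view's own color plus the window alpha. The class and method names are hypothetical.

```java
import android.content.Context;
import android.graphics.PixelFormat;
import android.hardware.input.InputManager;
import android.os.Build;
import android.view.WindowManager;

/** Hypothetical helper (not from the original page): params for a pass-through tint overlay. */
public final class FilterOverlayParams {

    private FilterOverlayParams() {}

    /**
     * @param requestedAlpha opacity the user picked for the filter, 0.0f..1.0f
     * @param heightPx       overlay height in pixels (the page's HEIGHT)
     */
    public static WindowManager.LayoutParams build(Context context, float requestedAlpha, int heightPx) {
        int type = Build.VERSION.SDK_INT < Build.VERSION_CODES.O
                ? WindowManager.LayoutParams.TYPE_SYSTEM_OVERLAY
                : WindowManager.LayoutParams.TYPE_APPLICATION_OVERLAY;

        // FLAG_NOT_TOUCHABLE: the overlay never consumes input; touches go to the window underneath.
        int flags = WindowManager.LayoutParams.FLAG_NOT_FOCUSABLE
                | WindowManager.LayoutParams.FLAG_NOT_TOUCHABLE
                | WindowManager.LayoutParams.FLAG_LAYOUT_IN_SCREEN;

        WindowManager.LayoutParams params = new WindowManager.LayoutParams(
                WindowManager.LayoutParams.MATCH_PARENT, heightPx, type, flags,
                PixelFormat.TRANSLUCENT);

        // Window-level opacity is what the system compares against its obscuring limit.
        params.alpha = clampToTrustedOpacity(context, requestedAlpha);
        return params;
    }

    /** Caps the alpha at the system limit above which pass-through touches are treated as untrusted. */
    static float clampToTrustedOpacity(Context context, float requestedAlpha) {
        float alpha = Math.max(0f, Math.min(1f, requestedAlpha));
        if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.S) {
            InputManager im = context.getSystemService(InputManager.class);
            if (im != null) {
                alpha = Math.min(alpha, im.getMaximumObscuringOpacityForTouch());
            }
        }
        return alpha;
    }
}
```

An app on the receiving side of the touch can independently call View.setFilterTouchesWhenObscured(true) on sensitive controls, which discards touches whenever another visible window obscures the view.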

Why Juniors Miss It

Juniors may miss this issue due to:

  • Lack of experience with Android security mechanisms: Inadequate understanding of the system’s security features and how they impact app behavior.
  • Insufficient knowledge of overlay layer implementation: Limited experience with implementing overlay layers and managing touch events.
  • Overreliance on flags: Relying too heavily on flags to achieve the desired behavior, without considering the potential consequences on the app’s functionality and security.
