Clipboard Protection¶
Preventing the ability to copy or paste content may be required for applications that handle confidential or sensitive data, where it is therefore important to prevent data from crossing the application boundary through user actions or via a clipboard. Also, even when malware is not able to penetrate an application, it could still possibly read the contents of the clipboard to potentially steal the data.
The mobile services has integrated the ClipboardManager
API to access and manage the system clipboard. After clipboard protection is enabled on the server, the developer can add the ClipboardProtectionService
instance to the SDKInitializer.start
method. Then, it will handle the primary clip data stored in the clipboard to ensure that the data copied or cut from outside will not be pasted inside a protected application and vice-versa.
ClipboardProtectionService
takes one optional argument in the constructor to indicate whether to enable protection before retrieving the signal from the server. By default, it will be disabled.
val services = mutableListOf<MobileService>()
services.add(ClipboardProtectionService(initClipboardProtectionEnabled = true))
SDKInitializer.start(this, * services.toTypedArray())
Note
For Samsung devices with an Android version lower than 12, when entering the app from outside, it will paste " " when protection enabled.
When Gboard's clipboard
is turned on in Pixels (or something similar on other devices), recently copied or cut content will be displayed in the clipboard and protection will be bypassed.
Enhancement (Jetpack Compose)¶
In a Jetpack Compose environment (as opposed to the View-Based environment), recently copied or cut internal data will not appear in the clipboard history list. However, for external apps, the copied or cut content will still be displayed in the clipboard history list, and users can paste it directly by clicking on it. Currently, there is no way to prevent this behavior.
To achieve this, besides adding the ClipboardProtectionService
instance to the SDKInitializer.start
method, you have to use sdkClipboardManager
provided by ClipboardProtectionService
as a localClipboardManager
as shown in the following example. Make sure you convert sdkClipboardManager
to androidx.compose.ui.platform.ClipboardManager
first:
setContent {
FlowComposeTheme {
// Make sure you import `androidx.compose.ui.platform.ClipboardManager`.
val localClipboardManager =
clipboardProtectionService?.let {
it.sdkClipboardManager as ClipboardManager
} ?: LocalClipboardManager.current
CompositionLocalProvider(
LocalClipboardManager provides localClipboardManager
) {
//Add your code
}
}
}
This block of code is added to the onCreate
method and the sdkClipboardManager
will protect any screens contained by CompositionLocalProvider
.
Clipboard Protection for WebView
¶
You need to customize the WebView
to enable the protection enhancement. For example:
@Composable
fun CustomWebView(url: String) {
val clipboardProtectionService = SDKInitializer.getService(ClipboardProtectionService::class)
AndroidView(
factory = { context ->
WebView(context).apply {
// Make sure JavaScript is enabled.
settings.javaScriptEnabled = true
webViewClient = object : WebViewClient() {
override fun onPageFinished(view: WebView, url: String) {
super.onPageFinished(view, url)
// Inject JavaScript code supplied by ClipboardProtectionService.
clipboardProtectionService?.let {
evaluateJavascript(it.getJavaScriptCodeForWebView(), null)
}
}
}
// Make sure the injected JavaScript code above can invoke the functions from ClipboardProtectionService.
clipboardProtectionService?.let { addJavascriptInterface(it.JsWebInterface(), ClipboardProtectionService.JS_FUNC_ACCESS_NAME) }
loadUrl(url)
}
}
)
}
ClipboardProtectionService
provides JavaScript code for WebView
to support the clipboard protection enhancement. You can place your own JavaScript code in the onPageFinished
method before evaluateJavascript
is invoked. Then concatenate the JavaScript code together as a whole string and pass it into evaluateJavascript
to enable the clipboard protection enhancement.