Prefs // +checkAbusersOfSecureEventInputAPI().

2023-10-23 10:59:41 +08:00 · 2023-10-23 10:59:41 +08:00 · 8d89da0c2b
parent 9a0d0dc633
commit 8d89da0c2b
9 changed files with 21 additions and 0 deletions
--- a/Packages/vChewing_MainAssembly/Sources/MainAssembly/PrefMgr_Core.swift
+++ b/Packages/vChewing_MainAssembly/Sources/MainAssembly/PrefMgr_Core.swift
@ -38,6 +38,9 @@ import SwiftExtension
  @AppProperty(key: UserDef.kSecurityHardenedCompositionBuffer.rawValue, defaultValue: false)
  public dynamic var securityHardenedCompositionBuffer: Bool

+  @AppProperty(key: UserDef.kCheckAbusersOfSecureEventInputAPI.rawValue, defaultValue: true)
+  public dynamic var checkAbusersOfSecureEventInputAPI: Bool
+
  @AppProperty(key: UserDef.kDeltaOfCalendarYears.rawValue, defaultValue: -2000)
  public dynamic var deltaOfCalendarYears: Int

--- a/Packages/vChewing_MainAssembly/Sources/MainAssembly/SecurityAgentHelper.swift
+++ b/Packages/vChewing_MainAssembly/Sources/MainAssembly/SecurityAgentHelper.swift
@ -41,6 +41,7 @@ public class SecurityAgentHelper {
  }

  @objc public func checkAndHandle(_: Timer) {
+    guard PrefMgr.shared.checkAbusersOfSecureEventInputAPI else { return }
    var results = SecureEventInputSputnik.getRunningSecureInputApps(abusersOnly: true)
    vCLog("SecurityAgentHelper scanned SecureEventInput abusers. \(results.count) targets found.")
    guard !results.isEmpty else { return }
--- a/Packages/vChewing_Shared/Sources/Shared/Protocols/PrefMgrProtocol.swift
+++ b/Packages/vChewing_Shared/Sources/Shared/Protocols/PrefMgrProtocol.swift
@ -12,6 +12,7 @@ public protocol PrefMgrProtocol {
  var isDebugModeEnabled: Bool { get set }
  var failureFlagForUOMObservation: Bool { get set }
  var securityHardenedCompositionBuffer: Bool { get set }
+  var checkAbusersOfSecureEventInputAPI: Bool { get set }
  var deltaOfCalendarYears: Int { get set }
  var mostRecentInputMode: String { get set }
  var useExternalFactoryDict: Bool { get set }
--- a/Packages/vChewing_Shared/Sources/Shared/UserDef.swift
+++ b/Packages/vChewing_Shared/Sources/Shared/UserDef.swift
@ -32,6 +32,7 @@ public enum UserDef: String, CaseIterable {
  case kIsDebugModeEnabled = "_DebugMode"
  case kFailureFlagForUOMObservation = "_FailureFlag_UOMObservation"
  case kSecurityHardenedCompositionBuffer = "SecurityHardenedCompositionBuffer"
+  case kCheckAbusersOfSecureEventInputAPI = "CheckAbusersOfSecureEventInputAPI"
  case kDeltaOfCalendarYears = "DeltaOfCalendarYears"
  case kMostRecentInputMode = "MostRecentInputMode"
  case kCassettePath = "CassettePath"
@ -147,6 +148,7 @@ public extension UserDef {
    case .kIsDebugModeEnabled: return .bool
    case .kFailureFlagForUOMObservation: return .bool
    case .kSecurityHardenedCompositionBuffer: return .bool
+    case .kCheckAbusersOfSecureEventInputAPI: return .bool
    case .kDeltaOfCalendarYears: return .integer
    case .kMostRecentInputMode: return .string
    case .kCassettePath: return .string
@ -237,6 +239,10 @@ public extension UserDef {
        userDef: self, shortTitle: "Security-harden the composition buffer for all clients",
        description: "This hinders all client apps from unwelcomely accessing your uncommitted contents in the composition buffer. A popup composition buffer will be shown instead."
      )
+    case .kCheckAbusersOfSecureEventInputAPI: return .init(
+        userDef: self, shortTitle: "i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle",
+        description: "i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description"
+      )
    case .kDeltaOfCalendarYears: return nil
    case .kMostRecentInputMode: return nil
    case .kCassettePath: return .init(
--- a/Source/Resources/Base.lproj/Localizable.strings
+++ b/Source/Resources/Base.lproj/Localizable.strings
@ -300,6 +300,8 @@
 "Horizontal" = "Horizontal";
 "Hsu" = "Hsu";
 "Hualuo Pinyin with Numeral Intonation" = "Hualuo Pinyin with Numeral Intonation";
+"i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description" = "Such abuse of SecureEventInput API in the background can hinder all 3rd-party input methods from being able to switch to. It is fine to use SecureEventInput for sensitive input fields. However, an app calling EnableSecureEventInput() is responsible to call DisableSecureEventInput() immediately right after the input field loses focus. This situation may also happen if an app is hanging in the background (or working as a helper application in the background) with its SecureEventInput left enabled.";
+"i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle" = "Actively check those processes abusing the SecureEventInput API";
 "IBM" = "IBM";
 "If disabled, this will insert space instead." = "If disabled, this will insert space instead.";
 "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes." = "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes.";
--- a/Source/Resources/en.lproj/Localizable.strings
+++ b/Source/Resources/en.lproj/Localizable.strings
@ -300,6 +300,8 @@
 "Horizontal" = "Horizontal";
 "Hsu" = "Hsu";
 "Hualuo Pinyin with Numeral Intonation" = "Hualuo Pinyin with Numeral Intonation";
+"i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description" = "Such abuse of SecureEventInput API in the background can hinder all 3rd-party input methods from being able to switch to. It is fine to use SecureEventInput for sensitive input fields. However, an app calling EnableSecureEventInput() is responsible to call DisableSecureEventInput() immediately right after the input field loses focus. This situation may also happen if an app is hanging in the background (or working as a helper application in the background) with its SecureEventInput left enabled.";
+"i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle" = "Actively check those processes abusing the SecureEventInput API";
 "IBM" = "IBM";
 "If disabled, this will insert space instead." = "If disabled, this will insert space instead.";
 "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes." = "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes.";
--- a/Source/Resources/ja.lproj/Localizable.strings
+++ b/Source/Resources/ja.lproj/Localizable.strings
@ -300,6 +300,8 @@
 "Horizontal" = "横型陳列";
 "Hsu" = "許氏国音自然配列";
 "Hualuo Pinyin with Numeral Intonation" = "中華ローマ弁音 (ローマ字+数字音調)";
+"i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description" = "このような不正利用は「システム内蔵入力以外の全ての入力アプリがメニューで灰色状態で選べなくて使えない」の元凶である。センシティブな資料の記入どころでSecureEventInputをEnableSecureEventInput()で使うのは当然であるが、「入力中」状態が終わった後必ずDisableSecureEventInput()で状態解消すべきだと義務である。いくつかヘルパーアプリも、あるいはSecureEventInputを呼び起こしてからすぐ固まったアプリも、この状態になりやすい。特に、他のアプリの画面へ切り替えたとしても、固まったアプリのSecureEventInput状態は自動的に解消できぬ。";
+"i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle" = "SecureEventInput API を不正利用しているバクグラウンド・プロセスを自動検知";
 "IBM" = "IBM 配列";
 "If disabled, this will insert space instead." = "未チェックの場合、スペースを挿入。";
 "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes." = "未チェックの場合、ESC キーはまず未完成の音読/筆画を消す。\n未完成の音読/筆画がない場合、全緩衝列をそのまま送り出す。";
--- a/Source/Resources/zh-Hans.lproj/Localizable.strings
+++ b/Source/Resources/zh-Hans.lproj/Localizable.strings
@ -300,6 +300,8 @@
 "Horizontal" = "横向布局";
 "Hsu" = "许氏国音自然排列";
 "Hualuo Pinyin with Numeral Intonation" = "华罗拼音+数字标调";
+"i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description" = "这种滥用会导致系统内的所有第三方输入法全都无法正常使用（在输入法选单内会变成灰色）。针对需要填写敏感数据的场合，使用 SecureEventInput 无可厚非。但是，用 EnableSecureEventInput() 开启该模式之后，就有义务在输入窗格失焦的那一刻呼叫 DisableSecureEventInput() 来结束这种状态。这种状态还常见于后台辅助 App 当中、或者某个 App 在叫出该模式之后失去响应（这样的话，哪怕被切换到后台，SecureEventInput 也不会自动解除）。";
+"i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle" = "主动检测正在滥用 SecureEventInput API 的后台进程";
 "IBM" = "IBM 排列";
 "If disabled, this will insert space instead." = "取消勾选的话，该按键会插入空格。";
 "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes." = "若取消勾选，则 ESC 键会先尝试清除未组成的读音/字根；\n如果没有未组成的读音/字根的话，则会递交当前组字区的内容。";
--- a/Source/Resources/zh-Hant.lproj/Localizable.strings
+++ b/Source/Resources/zh-Hant.lproj/Localizable.strings
@ -300,6 +300,8 @@
 "Horizontal" = "橫向佈局";
 "Hsu" = "許氏國音自然排列";
 "Hualuo Pinyin with Numeral Intonation" = "華羅拼音+數字標調";
+"i18n:userdef.kCheckAbusersOfSecureEventInputAPI.description" = "這種濫用會導致系統內的所有第三方輸入法全都無法正常使用（在輸入法選單內會變成灰色）。針對需要填寫敏感資料的場合，使用 SecureEventInput 無可厚非。但是，用 EnableSecureEventInput() 開啟該模式之後，就有義務在輸入窗格失焦的那一刻呼叫 DisableSecureEventInput() 來結束這種狀態。這種狀態還常見於後檯輔助 App 當中、或者某個 App 在叫出該模式之後失去回應（這樣的話，哪怕被切換到後檯，SecureEventInput 也不會自動解除）。";
+"i18n:UserDef.kCheckAbusersOfSecureEventInputAPI.shortTitle" = "主動偵測正在濫用 SecureEventInput API 的後檯執行緒";
 "IBM" = "IBM 排列";
 "If disabled, this will insert space instead." = "取消勾選的話，該按鍵會插入空格。";
 "If unchecked, the ESC key will try cleaning the unfinished readings / strokes first, and will commit the current composition buffer if there's no unfinished readings / strokes." = "若取消勾選，則 ESC 鍵會先嘗試清除未組成的讀音/字根；\n如果沒有未組成的讀音/字根的話，則會遞交當前組字區的內容。";