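Project scenario:
On an RK3288 board running Android 7.1, some system APKs report a WebView error during stress testing.
Problem description:
WebView reports the error: For security reasons, WebView is not allowed in privileged processes.
For example:
Cause analysis:
Because WebView has security vulnerabilities, Google has, starting with 5.1, completely prohibited system apps from using WebView. Using it crashes the app with the exception message: For security reasons, WebView is not allowed in privileged processes.
This happens when we declare the app as a system app, that is, when we add the following to the AndroidManifest file:
    android:sharedUserId="android.uid.system"
The exception is thrown from the getProvider method of WebViewFactory.java. The source path is:
    frameworks/base/core/java/android/webkit/WebViewFactory.java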
    static WebViewFactoryProvider getProvider() {
        synchronized (sProviderLock) {
            // For now the main purpose of this function (and the factory abstraction) is to keep
            // us honest and minimize usage of WebView internals when binding the proxy.
            if (sProviderInstance != null) return sProviderInstance; // Return directly if sProviderInstance is already set
            // 1. Check: if the process runs under the root or system UID, throw an exception.
            final int uid = android.os.Process.myUid();
            if (uid == android.os.Process.ROOT_UID || uid == android.os.Process.SYSTEM_UID) {
                throw new UnsupportedOperationException(
                        "For security reasons, WebView is not allowed in privileged processes");
            }
            StrictMode.ThreadPolicy oldPolicy = StrictMode.allowThreadDiskReads();
            Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "WebViewFactory.getProvider()");
            try {
                // 2
                Class<WebViewFactoryProvider> providerClass = getProviderClass();
                Trace.traceBegin(Trace.TRACE_TAG_WEBVIEW, "providerClass.newInstance()");
                try {
                    // 3. Assign sProviderInstance
                    sProviderInstance = providerClass.getConstructor(WebViewDelegate.class)
                            .newInstance(new WebViewDelegate());
                    if (DEBUG) Log.v(LOGTAG, "Loaded provider: " + sProviderInstance);
                    return sProviderInstance;
                } catch (Exception e) {
                    Log.e(LOGTAG, "error instantiating provider", e);
                    throw new AndroidRuntimeException(e);
                } finally {
                    Trace.traceEnd(Trace.TRACE_TAG_WEBVIEW);
                }
            } finally {
                Trace.traceEnd(Trace.TRACE_TAG_WEBVIEW);
                StrictMode.setThreadPolicy(oldPolicy);
            }
        }
    }
Solution:
Do not casually add android:sharedUserId="android.uid.system" to a system app's AndroidManifest file. Simply delete the attribute.
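
The following Python script flags WebView references in any app whose manifest declares android:sharedUserId="android.uid.system", so the conflict is caught at review time instead of as a crash during stress testing. It is an added example, not code from the original post or from AOSP; the function names, the regex heuristic and the sample manifest and sources are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

ANDROID_NS = "http://schemas.android.com/apk/res/android"
# android.uid.system maps to SYSTEM_UID, which getProvider() rejects.
PRIVILEGED_SHARED_UIDS = {"android.uid.system"}
# Heuristic: import/FQCN use, layout <WebView> tag, or direct construction.
WEBVIEW_REF = re.compile(
    r"\bandroid\.webkit\.WebView\b|<\s*WebView\b|\bnew\s+WebView\s*\(")

def shared_user_id(manifest_xml):
    """Return the android:sharedUserId of the <manifest> element, or None."""
    root = ET.fromstring(manifest_xml)
    return root.get("{%s}sharedUserId" % ANDROID_NS)

def audit_app(manifest_xml, sources):
    """sources maps path -> file text (Java and layout XML).
    Returns (path, line number, line) for each WebView reference, but only
    when the app would run under a privileged shared UID."""
    if shared_user_id(manifest_xml) not in PRIVILEGED_SHARED_UIDS:
        return []
    findings = []
    for path, text in sorted(sources.items()):
        for lineno, line in enumerate(text.splitlines(), 1):
            if WEBVIEW_REF.search(line):
                findings.append((path, lineno, line.strip()))
    return findings

# Constructed sample input (not taken from a real project).
SAMPLE_MANIFEST = """<manifest
    xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.settingsdemo"
    android:sharedUserId="android.uid.system">
    <application android:label="Demo"/>
</manifest>"""
SAMPLE_SOURCES = {
    "src/HelpActivity.java": (
        "import android.webkit.WebView;\n"
        "class HelpActivity {\n"
        "  void show(android.content.Context c) { new WebView(c); }\n"
        "}\n"),
    "res/layout/help.xml": (
        "<LinearLayout>\n"
        "  <WebView android:id=\"@+id/web\"/>\n"
        "</LinearLayout>\n"),
}

if __name__ == "__main__":
    for path, lineno, line in audit_app(SAMPLE_MANIFEST, SAMPLE_SOURCES):
        print("%s:%d: WebView in android.uid.system app: %s" % (path, lineno, line))
```

Each finding means one of two fixes: drop the sharedUserId attribute, as the solution above does, or move the WebView out of the app that has to keep the system UID.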