2

Is there an intent for sending data for the keyboard to "type"?

This is more theoretical than practical, but is it possible to broadcast an intent that is received by the keyboard. The intent would contain a string which is then "typed" into the active input field. Alternative the intent could include a target field, which the keyboard could use to either select the right field in the view or prevent the data from being output to the wrong field.

Why?

I'm imaging this could useful for data collection applications.

Example 1: Bluetooth scale

Say you have an application for tracking your weight. Every morning you launch the app, weigh yourself, type in your weight. If the scale were paired with an application agnostic service on your phone you could just select the weight field and step up on the scale. The value would be sent to your phone and passed to the default keyboard using this intent.

Example 2: NFC id tags

A service form application requires a 16-digit machine serial number. There is an NFC tag on the machine which contains the serial number. Instead of typing it out manually, the NFC read intent is caught by a service which passes the value to the default keyboard via intent.

Criticisms:

  1. The app could/should integrate with the scale directly.
    Counter argument: Does not work with a web app and you are reliant on an app supporting (and maintaining support for) your particular solution (e.g. Bluetooth device).
  2. Replace the input field with a button that launches an intent for result.
    Counter argument: Same as above, plus it requires more user interaction; Clicks and time are premium commodities.

If it doesn't exist, would it be the worst idea for keyboards to implement such an intent receiver? Or would it just open the door to bad application design? Security-wise?

Enrico
  • 10,377
  • 8
  • 44
  • 55

1 Answers1

0

Is there an intent for sending data for the keyboard to "type"?

Fortunately, no, for obvious security reasons. One app cannot force input into another app outside of very select situations (e.g., JUnit test apps).

The app could/should integrate with the scale directly.

Correct.

Does not work with a web app

Then write a native app.

you are reliant on an app supporting (and maintaining support for) your particular solution (e.g. Bluetooth device)

You need that anyway, as it is impossible to speak arbitrary Bluetooth and get input suitable for an arbitrary text field in an arbitrary native app or Web app. Otherwise, your proposed soft keyboard will try to grab data from your Bluetooth headset and type it into Twitter, and your music is probably longer than 140 characters.

would it be the worst idea for keyboards to implement such an intent receiver?

That depends on your definition of "worst". I would hope that the implementer of such an input method editor has a very large legal defense fund for the inevitable lawsuits that will result from such a gaping security hole.

CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491
  • `"It is impossible to speak arbitrary Bluetooth and get input suitable for an arbitrary text field in an arbitrary native app or Web app"` Correct, but the scale manufacturer could provide a service that would work with any number of apps. `"gaping security hole"` Can you elaborate? Would this not be as secure/insecure as anything you type in the keyboard yourself? You can't root your phone from the email subject field. – Enrico Dec 09 '12 at 21:19
  • @Enrico: "Would this not be as secure/insecure as anything you type in the keyboard yourself?" -- except that other apps are doing the typing, such as typing in transactions to your banking app to abscond with some of your money, typing in Facebook posts threatening the US President (and garnering a resulting visit from the Secret Service), typing in a resignation letter to your employer, etc. "Correct, but the scale manufacturer could provide a service that would work with any number of apps" -- they can put the value on the clipboard for pasting into an arbitrary `EditText`. – CommonsWare Dec 09 '12 at 21:23
  • We already trust keyboard apps not to abscond with our passwords and other data, setting permissions would ensure only trusted apps (whatever that means) can perform text injection. Putting text on the clipboard could work in a pinch, but it's not very user friendly. Thanks – Enrico Dec 09 '12 at 21:30
  • @Enrico: "We already trust keyboard apps not to abscond with our passwords and other data" -- but now you are trusting 700,000+ apps not to inject data. "setting permissions would ensure only trusted apps (whatever that means) can perform text injection" -- if you think that will stop the lawsuits, feel free to write such an input method editor and promote it. I still recommend the large legal defense fund. I am uncertain if you can pull off the NFC approach with an input method editor, as NFC tends to want to start activities, though there may be a low-level way to make it work. – CommonsWare Dec 09 '12 at 21:44