6

i want to write an AccessibilityService which should help the user to fill forms. I saw the possibility to call Javascript code via WebView.loadUrl(). But since i've just the AccessibilityNodeInfo i only see that the WebView is on the screen.

After some research, i saw that TalkBackService is able to inject Javascript, and in a different post (Alternative way for communication between WebView and native) i saw its possible if i have a reference to the WebView-object.

Is there a way to execute JavaScript via such an Message or an Broadcast Intent in chromes WebView?

Would be really great if someone could help me! Thanks a lot!

Community
  • 1
  • 1
lhlmgr
  • 2,087
  • 1
  • 22
  • 38
  • Hi Lee, I am facing the same problem of filling username and password from my AccessibilitService. I could not find a way in which I can inject a javascript using AccessibilityInfo. Can you please tell how did you manage to do it? Thanks. – androidGuy Nov 20 '14 at 06:45
  • Hi Lee , Can you please tell me how do o get the loaded URL from that webview using accessibility service ? – Manish Agrawal Nov 30 '15 at 10:57

1 Answers1

1

Chrome doesn't use a WebView, Chrome uses it's own rendering engine. While some of the code ends up being shared with the WebView (as in the two end up being compiled from the same source code) that's where the similarity ends.

I don't think there is a way to inject JavaScript into Chrome via an Intent - that would be a pretty big security hole (otherwise someone could inject a "send me all your money" JavaScript into your bank's page).

Accessibility is not my area of expertise so I can be totally off here but I believe newer versions of Chrome expose the web contents structure to the accessibility layer and therefore you should be able to do your thing without any custom JavaScript. I think you can check this using uiautomatorviewer: for me the tool shows html forms when I grab a dump of Chrome's UI. Is that not the case for you?

marcin.kosiba
  • 3,221
  • 14
  • 19
  • Hi! thanks for answer. I know, chrome uses the `ContentViewCore` [1], but this class has the method `loadUrl()` too. :) I know, that would be a security whole, but LastPass [2] managed it to run javascript on the currently opened website. Thanks for the tip with uiautomatorviewer, i'll check it. Cheers [1] http://src.chromium.org/svn/trunk/src/content/public/android/java/src/org/chromium/content/browser/ContentViewCore.java [2] https://helpdesk.lastpass.com/upgrading-to-premium/lastpass-for-android/ – lhlmgr Jul 21 '14 at 13:03
  • @lee.O - actually, ContentViewCore.loadUrl handles javascript: URLs in a slightly different way than the webview, but that's a different discussion. I'd be surprised if lastpass are injecting javascript, though. – marcin.kosiba Jul 21 '14 at 15:14
  • @marcin-koshiba, ouh sry, i just checked the chromium-repository. I checked the chrome javascript console output on the mobile device, and saw the code they execute. (javascript:function() ... ) – lhlmgr Jul 21 '14 at 15:23
  • @marcin-koshiba, but i have to say, the user has to press OK to execute the script. – lhlmgr Jul 22 '14 at 08:56
  • @lee.O it seems like this is "enhanced web accessibility" which, according to the description, lets you inject JS scripts. It does require the user enabling this in Accessibility settings first, though. – marcin.kosiba Jul 22 '14 at 09:20