概述
當(dāng)我們使用廣播Broadcast的時(shí)候逞度,需要考慮程序安全問(wèn)題额划。
- 我們發(fā)送的廣播會(huì)不會(huì)被別的app接收到,導(dǎo)致數(shù)據(jù)泄漏档泽。
- 別的惡意軟件會(huì)不會(huì)發(fā)送偽造廣播導(dǎo)致我們的程序收到廣播后執(zhí)行某些非法動(dòng)作俊戳。
其實(shí)這兩個(gè)問(wèn)題可以使用Android源碼中的LocalBroadcastManager來(lái)解決,LocalBroadcastManager是只在當(dāng)前進(jìn)程內(nèi)進(jìn)行通信馆匿,而用法與Broadcast相同抑胎。
LocalBroadcastManager與Broadcast比較有三個(gè)優(yōu)點(diǎn):
- 廣播數(shù)據(jù)不會(huì)超出你的應(yīng)用程序內(nèi)部,不會(huì)別的程序接收到渐北,所以不需要擔(dān)心泄露隱私數(shù)據(jù)阿逃。
- 廣播接收器不會(huì)接收到其他應(yīng)用程序發(fā)送的廣播,所以不必?fù)?dān)心可以利用安全漏洞腔稀。
- 通信方式比Broadcast更加高效盆昙,LocalBroadcastManager使用handler為核心機(jī)制,Broadcast則是使用Android內(nèi)部的Binder機(jī)制焊虏。
基本使用
LocalBroadcastManager與Broadcast的使用方式完全一致淡喜,基本用法就是注冊(cè)、反注冊(cè)诵闭、發(fā)送廣播炼团。但是,LocalBroadcastManager只適用于動(dòng)態(tài)注冊(cè)使用疏尿,在AndroidManifest中注冊(cè)的廣播接收瘟芝,則不適用。
LocalBroadcastManager lbm;
BroadcastReceiver receiver;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
//注冊(cè)
receiver = new BroadcastReceiver() {
@Override
public void onReceive(Context context, Intent intent) {
Log.i(TAG, "LocalBroadcastManager onReceive");
//do samething...
}
};
lbm = LocalBroadcastManager.getInstance(this);
lbm.registerReceiver(receiver, new IntentFilter("test_action"));
}
@Override
protected void onDestroy() {
super.onDestroy();
//反注冊(cè)
lbm.unregisterReceiver(receiver);
}
@Override
public void onClick(View v) {
if(v == btnSendBroadcast){
//發(fā)送廣播
lbm.sendBroadcast(new Intent("test_action"));
}
}
源碼分析
構(gòu)造方法
LocalBroadcastManager使用單例模式構(gòu)造褥琐,在構(gòu)造方法內(nèi)部創(chuàng)建一個(gè)Handler锌俱,Handler用來(lái)執(zhí)行廣播的分發(fā)。
static final int MSG_EXEC_PENDING_BROADCASTS = 1;
//上下文對(duì)象
private final Context mAppContext;
//LocalBroadcastManager的核心機(jī)制是Handler
private final Handler mHandler;
//同步鎖
private static final Object mLock = new Object();
//LocalBroadcastManager實(shí)例對(duì)象
private static LocalBroadcastManager mInstance;
//LocalBroadcastManager采用的單例模式
public static LocalBroadcastManager getInstance(Context context) {
synchronized (mLock) {
if (mInstance == null) {
//上下文對(duì)象為getApplicationContext敌呈,不用擔(dān)心內(nèi)存泄漏問(wèn)題
mInstance = new LocalBroadcastManager(context.getApplicationContext());
}
return mInstance;
}
}
//私有構(gòu)造函數(shù)
private LocalBroadcastManager(Context context) {
mAppContext = context;
//傳入context.getMainLooper()贸宏,Handler執(zhí)行在主線程
mHandler = new Handler(context.getMainLooper()) {
@Override
public void handleMessage(Message msg) {
switch (msg.what) {
case MSG_EXEC_PENDING_BROADCASTS:
executePendingBroadcasts();
break;
default:
super.handleMessage(msg);
}
}
};
}
基本數(shù)據(jù)結(jié)構(gòu)和內(nèi)部類
- 內(nèi)部類ReceiverRecord造寝,用于存放相對(duì)應(yīng)的IntentFilter和BroadcastReceiver。
- 內(nèi)部類BroadcastRecord吭练,用于存放相對(duì)應(yīng)的Intent和ReceiverRecord诫龙。
//存放相對(duì)應(yīng)的IntentFilter和BroadcastReceiver
private static class ReceiverRecord {
final IntentFilter filter;
final BroadcastReceiver receiver;
boolean broadcasting;
ReceiverRecord(IntentFilter _filter, BroadcastReceiver _receiver) {
filter = _filter;
receiver = _receiver;
}
@Override
public String toString() {
StringBuilder builder = new StringBuilder(128);
builder.append("Receiver{");
builder.append(receiver);
builder.append(" filter=");
builder.append(filter);
builder.append("}");
return builder.toString();
}
}
//存放相對(duì)應(yīng)的Intent和ReceiverRecord
private static class BroadcastRecord {
final Intent intent;
final ArrayList<ReceiverRecord> receivers;
BroadcastRecord(Intent _intent, ArrayList<ReceiverRecord> _receivers) {
intent = _intent;
receivers = _receivers;
}
}
- HashMap mReceivers 存儲(chǔ)廣播和過(guò)濾器信息,方便管理BroadcastReceiver的注冊(cè)和取消鲫咽。
- HashMap mActions存儲(chǔ)action和相對(duì)應(yīng)的ReceiverRecord列表签赃,方便管理廣播Actions的分發(fā)和執(zhí)行。
- mPendingBroadcasts 存儲(chǔ)所有的BroadcastRecord分尸,方便管理BroadcastRecord創(chuàng)建和銷毀锦聊。
//方便管理BroadcastReceiver的注冊(cè)和取消
private final HashMap<BroadcastReceiver, ArrayList<IntentFilter>> mReceivers
= new HashMap<BroadcastReceiver, ArrayList<IntentFilter>>();
//方便管理廣播Actions的分發(fā)和執(zhí)行
private final HashMap<String, ArrayList<ReceiverRecord>> mActions
= new HashMap<String, ArrayList<ReceiverRecord>>();
//管理BroadcastRecord,方便執(zhí)行
private final ArrayList<BroadcastRecord> mPendingBroadcasts
= new ArrayList<BroadcastRecord>();
注冊(cè)與反注冊(cè)
LocalBroadcastManager的注冊(cè)與反注冊(cè)寓落,直白的說(shuō)就是將廣播相對(duì)應(yīng)的必要元素(BroadcastReceiver括丁、IntentFilter、Action)進(jìn)行添加和移除伶选。
注冊(cè)廣播:
/**
* Register a receive for any local broadcasts that match the given IntentFilter.
*
* @param receiver The BroadcastReceiver to handle the broadcast.
* @param filter Selects the Intent broadcasts to be received.
*
* @see #unregisterReceiver
*/
public void registerReceiver(BroadcastReceiver receiver, IntentFilter filter) {
synchronized (mReceivers) {
ReceiverRecord entry = new ReceiverRecord(filter, receiver);
ArrayList<IntentFilter> filters = mReceivers.get(receiver);
if (filters == null) {
filters = new ArrayList<IntentFilter>(1);
mReceivers.put(receiver, filters);
}
filters.add(filter);
for (int i=0; i<filter.countActions(); i++) {
String action = filter.getAction(i);
ArrayList<ReceiverRecord> entries = mActions.get(action);
if (entries == null) {
entries = new ArrayList<ReceiverRecord>(1);
mActions.put(action, entries);
}
entries.add(entry);
}
}
}
這里的注冊(cè)主要就是將注冊(cè)的廣播接收器BroadcastReceiver和過(guò)濾器IntentFilter添加到相應(yīng)的數(shù)據(jù)結(jié)構(gòu)當(dāng)中史飞。將BroadcastReceiver作為key,把IntentFilter添加到對(duì)應(yīng)的Value的集合中仰税。將IntentFilter中的action作為key构资,將ReceiverRecord對(duì)象(包含對(duì)應(yīng)的BroadcastReceiver和IntentFilter)添加到對(duì)應(yīng)的Value的集合中。添加到這些數(shù)據(jù)結(jié)構(gòu)中就是為了方便反注冊(cè)和廣播分發(fā)陨簇。
取消注冊(cè):
/**
* Unregister a previously registered BroadcastReceiver. <em>All</em>
* filters that have been registered for this BroadcastReceiver will be
* removed.
*
* @param receiver The BroadcastReceiver to unregister.
*
* @see #registerReceiver
*/
public void unregisterReceiver(BroadcastReceiver receiver) {
synchronized (mReceivers) {
ArrayList<IntentFilter> filters = mReceivers.remove(receiver);
if (filters == null) {
return;
}
for (int i=0; i<filters.size(); i++) {
IntentFilter filter = filters.get(i);
for (int j=0; j<filter.countActions(); j++) {
String action = filter.getAction(j);
ArrayList<ReceiverRecord> receivers = mActions.get(action);
if (receivers != null) {
for (int k=0; k<receivers.size(); k++) {
if (receivers.get(k).receiver == receiver) {
receivers.remove(k);
k--;
}
}
if (receivers.size() <= 0) {
mActions.remove(action);
}
}
}
}
}
}
取消注冊(cè)就是將需要取消的BroadcastReceiver以及對(duì)應(yīng)的IntentFilter和Action全部移除河绽。源碼中使用了3個(gè)for循環(huán),遍歷了mReceivers和mActions纹笼,移除所有的相應(yīng)元素苟跪。
發(fā)送與分發(fā)
發(fā)送廣播:
/**
* Broadcast the given intent to all interested BroadcastReceivers. This
* call is asynchronous; it returns immediately, and you will continue
* executing while the receivers are run.
*
* @param intent The Intent to broadcast; all receivers matching this
* Intent will receive the broadcast.
*
* @see #registerReceiver
*/
public boolean sendBroadcast(Intent intent) {
synchronized (mReceivers) {
final String action = intent.getAction();
final String type = intent.resolveTypeIfNeeded(
mAppContext.getContentResolver());
final Uri data = intent.getData();
final String scheme = intent.getScheme();
final Set<String> categories = intent.getCategories();
final boolean debug = DEBUG ||
((intent.getFlags() & Intent.FLAG_DEBUG_LOG_RESOLUTION) != 0);
if (debug) Log.v(
TAG, "Resolving type " + type + " scheme " + scheme
+ " of intent " + intent);
ArrayList<ReceiverRecord> entries = mActions.get(intent.getAction());
if (entries != null) {
if (debug) Log.v(TAG, "Action list: " + entries);
ArrayList<ReceiverRecord> receivers = null;
for (int i=0; i<entries.size(); i++) {
ReceiverRecord receiver = entries.get(i);
if (debug) Log.v(TAG, "Matching against filter " + receiver.filter);
if (receiver.broadcasting) {
if (debug) {
Log.v(TAG, " Filter's target already added");
}
continue;
}
int match = receiver.filter.match(action, type, scheme, data,
categories, "LocalBroadcastManager");
if (match >= 0) {
if (debug) Log.v(TAG, " Filter matched! match=0x" +
Integer.toHexString(match));
if (receivers == null) {
receivers = new ArrayList<ReceiverRecord>();
}
receivers.add(receiver);
receiver.broadcasting = true;
} else {
if (debug) {
String reason;
switch (match) {
case IntentFilter.NO_MATCH_ACTION: reason = "action"; break;
case IntentFilter.NO_MATCH_CATEGORY: reason = "category"; break;
case IntentFilter.NO_MATCH_DATA: reason = "data"; break;
case IntentFilter.NO_MATCH_TYPE: reason = "type"; break;
default: reason = "unknown reason"; break;
}
Log.v(TAG, " Filter did not match: " + reason);
}
}
}
if (receivers != null) {
for (int i=0; i<receivers.size(); i++) {
receivers.get(i).broadcasting = false;
}
mPendingBroadcasts.add(new BroadcastRecord(intent, receivers));
if (!mHandler.hasMessages(MSG_EXEC_PENDING_BROADCASTS)) {
mHandler.sendEmptyMessage(MSG_EXEC_PENDING_BROADCASTS);
}
return true;
}
}
}
return false;
}
發(fā)送廣播的內(nèi)部機(jī)制簡(jiǎn)單來(lái)說(shuō)就是,根據(jù)Intent中的action兄猩,從mAction中取出對(duì)應(yīng)的ReceiverRecord列表,然后遍歷所有的ReceiverRecord援岩,判斷其IntentFilter是否與Intent中的action, type, scheme, data, categories相匹配掏导,如果匹配成功羽峰,就將ReceiverRecord添加到mPendingBroadcasts中,最后執(zhí)行mHandler.sendEmptyMessage(int what)交由Handler去執(zhí)行值纱。
分發(fā)執(zhí)行:
private void executePendingBroadcasts() {
while (true) {
BroadcastRecord[] brs = null;
synchronized (mReceivers) {
final int N = mPendingBroadcasts.size();
if (N <= 0) {
return;
}
brs = new BroadcastRecord[N];
mPendingBroadcasts.toArray(brs);
mPendingBroadcasts.clear();
}
for (int i=0; i<brs.length; i++) {
BroadcastRecord br = brs[i];
for (int j=0; j<br.receivers.size(); j++) {
br.receivers.get(j).receiver.onReceive(mAppContext, br.intent);
}
}
}
}
mHandler收到消息后會(huì)執(zhí)行executePendingBroadcasts()方法虐唠,將mPendingBroadcasts
轉(zhuǎn)換成數(shù)組brs惰聂,遍歷brs中所有的BroadcastRecord,再遍歷所有的BroadcastReceiver杆故,調(diào)用其onReceive方法溉愁,完成整個(gè)廣播的執(zhí)行。
總結(jié)
在整個(gè)源碼分析的過(guò)程中撤蟆,我們可以清晰的看到堂污,LocalBroadcastManager的核心機(jī)制還是使用的Handler,與一般的廣播使用Binder機(jī)制完全不一樣息楔。從而做到了開篇所說(shuō)的幾個(gè)優(yōu)點(diǎn):當(dāng)前APP內(nèi)部通信扒披,數(shù)據(jù)安全,無(wú)可利用漏洞愿险,且效率更高。
