Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

You've highlighted a subtle but important point of the Intent design. Unlike traditional file-handlers, you can say "I might handle this kind of thing" and then watch what flies by and only respond to what you actually care about (e.g. the market only responding to URLs pointing to the Android market). That makes Intents more powerful and more precise than previous approaches to similar problems.


Is there any security hole in this? Can an app register an intent on http and get access to all URLs Browser loads?


Actually, they can. Android browsers register to handle such requests. That's how users can switch between default browsers. Additionally, that's how the YouTube app can register to watch YouTube links. I click on a post on reddit, it links to a youtube video and it pops up and asks if I want to open it with the browser, (Dolphin, xScope) or YouTube.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: