Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2134744e authored by Christopher Tate's avatar Christopher Tate
Browse files

Properly scope the "only http/https schemes" intent filter semantics 

That restriction applies only to default-app linkage verification, and
not to any general questions of "is this app effectively a web browser?"

Bug 21688029

Change-Id: I9f6a7bc6dcac5e12ee07f8da6465ad51c1aeddfb
parent aaf280b6

core/java/android/content/IntentFilter.java

+30 −11
Original line number Diff line number Diff line
@@ -518,7 +518,8 @@ public class IntentFilter implements Parcelable { 
    }



    /**

     * Return if this filter handle all HTTP or HTTPS data URI or not.

     * Return if this filter handle all HTTP or HTTPS data URI or not.  This is the

     * core check for whether a given activity qualifies as a "browser".

     *

     * @return True if the filter handle all HTTP or HTTPS data URI. False otherwise.

     *
@@ -533,23 +534,26 @@ public class IntentFilter implements Parcelable { 
     */

    public final boolean handleAllWebDataURI() {

        return hasCategory(Intent.CATEGORY_APP_BROWSER) ||

                (hasOnlyWebDataURI() && countDataAuthorities() == 0);

                (handlesWebUris(false) && countDataAuthorities() == 0);

    }



    /**

     * Return if this filter handles only HTTP or HTTPS data URIs.

     * Return if this filter handles HTTP or HTTPS data URIs.

     *

     * @return True if the filter handles ACTION_VIEW/CATEGORY_BROWSABLE,

     * has at least one HTTP or HTTPS data URI pattern defined, and does not

     * define any non-http/https data URI patterns.

     * has at least one HTTP or HTTPS data URI pattern defined, and optionally

     * does not define any non-http/https data URI patterns.

     *

     * This will check if if the Intent action is {@link android.content.Intent#ACTION_VIEW} and

     * the Intent category is {@link android.content.Intent#CATEGORY_BROWSABLE} and the Intent

     * data scheme is "http" or "https".

     *

     * @param onlyWebSchemes When true, requires that the intent filter declare

     *     that it handles *only* http: or https: schemes.  This is a requirement for

     *     the intent filter's domain linkage being verifiable.

     * @hide

     */

    public final boolean hasOnlyWebDataURI() {

    public final boolean handlesWebUris(boolean onlyWebSchemes) {

        // Require ACTION_VIEW, CATEGORY_BROWSEABLE, and at least one scheme

        if (!hasAction(Intent.ACTION_VIEW)

            || !hasCategory(Intent.CATEGORY_BROWSABLE)
@@ -562,13 +566,28 @@ public class IntentFilter implements Parcelable { 
        final int N = mDataSchemes.size();

        for (int i = 0; i < N; i++) {

            final String scheme = mDataSchemes.get(i);

            if (!SCHEME_HTTP.equals(scheme) && !SCHEME_HTTPS.equals(scheme)) {

            final boolean isWebScheme =

                    SCHEME_HTTP.equals(scheme) || SCHEME_HTTPS.equals(scheme);

            if (onlyWebSchemes) {

                // If we're specifically trying to ensure that there are no non-web schemes

                // declared in this filter, then if we ever see a non-http/https scheme then

                // we know it's a failure.

                if (!isWebScheme) {

                    return false;

                }

            } else {

                // If we see any http/https scheme declaration in this case then the

                // filter matches what we're looking for.

                if (isWebScheme) {

                    return true;

                }

            }

        }



        // Everything passed, so it's an only-web-URIs filter

        return true;

        // We get here if:

        //   1) onlyWebSchemes and no non-web schemes were found, i.e success; or

        //   2) !onlyWebSchemes and no http/https schemes were found, i.e. failure.

        return onlyWebSchemes;

    }



    /**
@@ -585,7 +604,7 @@ public class IntentFilter implements Parcelable { 
     * @hide

     */

    public final boolean needsVerification() {

        return getAutoVerify() && hasOnlyWebDataURI();

        return getAutoVerify() && handlesWebUris(true);

    }



    /**

services/core/java/com/android/server/pm/PackageManagerService.java

+1 −1
Original line number Diff line number Diff line
@@ -12138,7 +12138,7 @@ public class PackageManagerService extends IPackageManager.Stub { 
                final int verificationId = mIntentFilterVerificationToken++;

                for (PackageParser.Activity a : pkg.activities) {

                    for (ActivityIntentInfo filter : a.intents) {

                        if (filter.hasOnlyWebDataURI() && needsNetworkVerificationLPr(filter)) {

                        if (filter.handlesWebUris(true) && needsNetworkVerificationLPr(filter)) {

                            if (DEBUG_DOMAIN_VERIFICATION) Slog.d(TAG,

                                    "Verification needed for IntentFilter:" + filter.toString());

                            mIntentFilterVerifier.addOneIntentFilterVerification(