commit db19bbcd9c34c933ad7fc84693ed8a5ad3bac3cf Author: Matthew Finkel Matthew.Finkel@gmail.com Date: Thu Oct 17 19:30:13 2019 +0000
fixup! Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources. --- .../gecko/customtabs/CustomTabsActivity.java | 21 ++++--- .../mozilla/gecko/widget/GeckoActionProvider.java | 10 +++- .../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++++++++++----------- 3 files changed, 54 insertions(+), 45 deletions(-)
diff --git a/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java b/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java index c75962da35a7..230773cd1292 100644 --- a/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java +++ b/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java @@ -359,16 +359,19 @@ public class CustomTabsActivity extends AppCompatActivity }
private void performPendingIntent(@NonNull PendingIntent pendingIntent) { + // Bug 31144 - Fail and return early, prevent potential proxy-bypass. + return; + // bug 1337771: If intent-creator haven't set data url, call send() directly won't work. - final Intent additional = new Intent(); - if (!TextUtils.isEmpty(mCurrentUrl)) { - additional.setData(Uri.parse(mCurrentUrl)); - } - try { - pendingIntent.send(this, 0, additional); - } catch (PendingIntent.CanceledException e) { - Log.w(LOGTAG, "Performing a canceled pending intent", e); - } + //final Intent additional = new Intent(); + //if (!TextUtils.isEmpty(mCurrentUrl)) { + // additional.setData(Uri.parse(mCurrentUrl)); + //} + //try { + // pendingIntent.send(this, 0, additional); + //} catch (PendingIntent.CanceledException e) { + // Log.w(LOGTAG, "Performing a canceled pending intent", e); + //} }
/** diff --git a/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java b/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java index 79854e2931bc..9b81d5636e93 100644 --- a/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java +++ b/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java @@ -22,6 +22,7 @@ import org.mozilla.gecko.overlays.ui.ShareDialog; import org.mozilla.gecko.menu.MenuItemSwitcherLayout; import org.mozilla.gecko.util.IOUtils; import org.mozilla.gecko.util.IntentUtils; +import org.mozilla.gecko.util.ProxySelector; import org.mozilla.gecko.util.ThreadUtils;
import android.content.Context; @@ -42,7 +43,8 @@ import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.io.OutputStream; -import java.net.URL; +import java.net.URI; +import java.net.URISyntaxException; import java.util.ArrayList; import java.util.HashMap;
@@ -335,9 +337,9 @@ public class GeckoActionProvider { InputStream is = null; try { final byte[] buf = new byte[2048]; - final URL url = new URL(src); + final URI uri = new URI(src); final String filename = URLUtil.guessFileName(src, null, type); - is = url.openStream(); + is = ProxySelector.openConnectionWithProxy(uri).getInputStream();
final File imageFile = new File(dir, filename); os = new FileOutputStream(imageFile); @@ -353,6 +355,8 @@ public class GeckoActionProvider { IOUtils.safeStreamClose(is); } } + } catch (URISyntaxException ex) { + // Handle this the same way as IOException } catch (IOException ex) { // If something went wrong, we'll just leave the intent un-changed } finally { diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java index 03486a12c22e..c38e31dc3b0e 100644 --- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java +++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java @@ -1810,39 +1810,41 @@ public class GeckoAppShell {
@WrapForJNI private static URLConnection getConnection(final String url) { - try { - String spec; - if (url.startsWith("android://")) { - spec = url.substring(10); - } else { - spec = url.substring(8); - } - - // Check if we are loading a package icon. - try { - if (spec.startsWith("icon/")) { - String[] splits = spec.split("/"); - if (splits.length != 2) { - return null; - } - final String pkg = splits[1]; - final PackageManager pm = getApplicationContext().getPackageManager(); - final Drawable d = pm.getApplicationIcon(pkg); - final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); - return new BitmapConnection(bitmap); - } - } catch (Exception ex) { - Log.e(LOGTAG, "error", ex); - } - - // if the colon got stripped, put it back - int colon = spec.indexOf(':'); - if (colon == -1 || colon > spec.indexOf('/')) { - spec = spec.replaceFirst("/", ":/"); - } - } catch (Exception ex) { - return null; - } + // Bug 31144 - Prevent potential proxy-bypass + + //try { + // String spec; + // if (url.startsWith("android://")) { + // spec = url.substring(10); + // } else { + // spec = url.substring(8); + // } + + // // Check if we are loading a package icon. + // try { + // if (spec.startsWith("icon/")) { + // String[] splits = spec.split("/"); + // if (splits.length != 2) { + // return null; + // } + // final String pkg = splits[1]; + // final PackageManager pm = getApplicationContext().getPackageManager(); + // final Drawable d = pm.getApplicationIcon(pkg); + // final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d); + // return new BitmapConnection(bitmap); + // } + // } catch (Exception ex) { + // Log.e(LOGTAG, "error", ex); + // } + + // // if the colon got stripped, put it back + // int colon = spec.indexOf(':'); + // if (colon == -1 || colon > spec.indexOf('/')) { + // spec = spec.replaceFirst("/", ":/"); + // } + //} catch (Exception ex) { + // return null; + //} return null; }