[tor-commits] [tor-browser/tor-browser-68.1.0esr-9.0-3] fixup! Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
gk at torproject.org
gk at torproject.org
Thu Oct 17 21:34:33 UTC 2019
commit db19bbcd9c34c933ad7fc84693ed8a5ad3bac3cf
Author: Matthew Finkel <Matthew.Finkel at gmail.com>
Date: Thu Oct 17 19:30:13 2019 +0000
fixup! Orfox: Centralized proxy applied to AbstractCommunicator and BaseResources.
---
.../gecko/customtabs/CustomTabsActivity.java | 21 ++++---
.../mozilla/gecko/widget/GeckoActionProvider.java | 10 +++-
.../main/java/org/mozilla/gecko/GeckoAppShell.java | 68 +++++++++++-----------
3 files changed, 54 insertions(+), 45 deletions(-)
diff --git a/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java b/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java
index c75962da35a7..230773cd1292 100644
--- a/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java
+++ b/mobile/android/base/java/org/mozilla/gecko/customtabs/CustomTabsActivity.java
@@ -359,16 +359,19 @@ public class CustomTabsActivity extends AppCompatActivity
}
private void performPendingIntent(@NonNull PendingIntent pendingIntent) {
+ // Bug 31144 - Fail and return early, prevent potential proxy-bypass.
+ return;
+
// bug 1337771: If intent-creator haven't set data url, call send() directly won't work.
- final Intent additional = new Intent();
- if (!TextUtils.isEmpty(mCurrentUrl)) {
- additional.setData(Uri.parse(mCurrentUrl));
- }
- try {
- pendingIntent.send(this, 0, additional);
- } catch (PendingIntent.CanceledException e) {
- Log.w(LOGTAG, "Performing a canceled pending intent", e);
- }
+ //final Intent additional = new Intent();
+ //if (!TextUtils.isEmpty(mCurrentUrl)) {
+ // additional.setData(Uri.parse(mCurrentUrl));
+ //}
+ //try {
+ // pendingIntent.send(this, 0, additional);
+ //} catch (PendingIntent.CanceledException e) {
+ // Log.w(LOGTAG, "Performing a canceled pending intent", e);
+ //}
}
/**
diff --git a/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java b/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java
index 79854e2931bc..9b81d5636e93 100644
--- a/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java
+++ b/mobile/android/base/java/org/mozilla/gecko/widget/GeckoActionProvider.java
@@ -22,6 +22,7 @@ import org.mozilla.gecko.overlays.ui.ShareDialog;
import org.mozilla.gecko.menu.MenuItemSwitcherLayout;
import org.mozilla.gecko.util.IOUtils;
import org.mozilla.gecko.util.IntentUtils;
+import org.mozilla.gecko.util.ProxySelector;
import org.mozilla.gecko.util.ThreadUtils;
import android.content.Context;
@@ -42,7 +43,8 @@ import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
-import java.net.URL;
+import java.net.URI;
+import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.HashMap;
@@ -335,9 +337,9 @@ public class GeckoActionProvider {
InputStream is = null;
try {
final byte[] buf = new byte[2048];
- final URL url = new URL(src);
+ final URI uri = new URI(src);
final String filename = URLUtil.guessFileName(src, null, type);
- is = url.openStream();
+ is = ProxySelector.openConnectionWithProxy(uri).getInputStream();
final File imageFile = new File(dir, filename);
os = new FileOutputStream(imageFile);
@@ -353,6 +355,8 @@ public class GeckoActionProvider {
IOUtils.safeStreamClose(is);
}
}
+ } catch (URISyntaxException ex) {
+ // Handle this the same way as IOException
} catch (IOException ex) {
// If something went wrong, we'll just leave the intent un-changed
} finally {
diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
index 03486a12c22e..c38e31dc3b0e 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/GeckoAppShell.java
@@ -1810,39 +1810,41 @@ public class GeckoAppShell {
@WrapForJNI
private static URLConnection getConnection(final String url) {
- try {
- String spec;
- if (url.startsWith("android://")) {
- spec = url.substring(10);
- } else {
- spec = url.substring(8);
- }
-
- // Check if we are loading a package icon.
- try {
- if (spec.startsWith("icon/")) {
- String[] splits = spec.split("/");
- if (splits.length != 2) {
- return null;
- }
- final String pkg = splits[1];
- final PackageManager pm = getApplicationContext().getPackageManager();
- final Drawable d = pm.getApplicationIcon(pkg);
- final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d);
- return new BitmapConnection(bitmap);
- }
- } catch (Exception ex) {
- Log.e(LOGTAG, "error", ex);
- }
-
- // if the colon got stripped, put it back
- int colon = spec.indexOf(':');
- if (colon == -1 || colon > spec.indexOf('/')) {
- spec = spec.replaceFirst("/", ":/");
- }
- } catch (Exception ex) {
- return null;
- }
+ // Bug 31144 - Prevent potential proxy-bypass
+
+ //try {
+ // String spec;
+ // if (url.startsWith("android://")) {
+ // spec = url.substring(10);
+ // } else {
+ // spec = url.substring(8);
+ // }
+
+ // // Check if we are loading a package icon.
+ // try {
+ // if (spec.startsWith("icon/")) {
+ // String[] splits = spec.split("/");
+ // if (splits.length != 2) {
+ // return null;
+ // }
+ // final String pkg = splits[1];
+ // final PackageManager pm = getApplicationContext().getPackageManager();
+ // final Drawable d = pm.getApplicationIcon(pkg);
+ // final Bitmap bitmap = BitmapUtils.getBitmapFromDrawable(d);
+ // return new BitmapConnection(bitmap);
+ // }
+ // } catch (Exception ex) {
+ // Log.e(LOGTAG, "error", ex);
+ // }
+
+ // // if the colon got stripped, put it back
+ // int colon = spec.indexOf(':');
+ // if (colon == -1 || colon > spec.indexOf('/')) {
+ // spec = spec.replaceFirst("/", ":/");
+ // }
+ //} catch (Exception ex) {
+ // return null;
+ //}
return null;
}
More information about the tor-commits
mailing list