am b035c6d9: Merge "Properly scope the "only http/https schemes" intent filter semantics" into mnc-dev

* commit 'b035c6d9a6827510e6ee3f855827cf6e428adb22': Properly scope the "only http/https schemes" intent filter semantics
2015-06-27 00:51:44 +00:00
parent be337afda2 b035c6d9a6
commit e436e19e0f
2 changed files with 31 additions and 12 deletions
--- a/core/java/android/content/IntentFilter.java
+++ b/core/java/android/content/IntentFilter.java
@@ -518,7 +518,8 @@ public class IntentFilter implements Parcelable {
    }

    /**
-     * Return if this filter handle all HTTP or HTTPS data URI or not.
+     * Return if this filter handle all HTTP or HTTPS data URI or not.  This is the
+     * core check for whether a given activity qualifies as a "browser".
     *
     * @return True if the filter handle all HTTP or HTTPS data URI. False otherwise.
     *
@@ -533,23 +534,26 @@ public class IntentFilter implements Parcelable {
     */
    public final boolean handleAllWebDataURI() {
        return hasCategory(Intent.CATEGORY_APP_BROWSER) ||
-                (hasOnlyWebDataURI() && countDataAuthorities() == 0);
+                (handlesWebUris(false) && countDataAuthorities() == 0);
    }

    /**
-     * Return if this filter handles only HTTP or HTTPS data URIs.
+     * Return if this filter handles HTTP or HTTPS data URIs.
     *
     * @return True if the filter handles ACTION_VIEW/CATEGORY_BROWSABLE,
-     * has at least one HTTP or HTTPS data URI pattern defined, and does not
-     * define any non-http/https data URI patterns.
+     * has at least one HTTP or HTTPS data URI pattern defined, and optionally
+     * does not define any non-http/https data URI patterns.
     *
     * This will check if if the Intent action is {@link android.content.Intent#ACTION_VIEW} and
     * the Intent category is {@link android.content.Intent#CATEGORY_BROWSABLE} and the Intent
     * data scheme is "http" or "https".
     *
+     * @param onlyWebSchemes When true, requires that the intent filter declare
+     *     that it handles *only* http: or https: schemes.  This is a requirement for
+     *     the intent filter's domain linkage being verifiable.
     * @hide
     */
-    public final boolean hasOnlyWebDataURI() {
+    public final boolean handlesWebUris(boolean onlyWebSchemes) {
        // Require ACTION_VIEW, CATEGORY_BROWSEABLE, and at least one scheme
        if (!hasAction(Intent.ACTION_VIEW)
            || !hasCategory(Intent.CATEGORY_BROWSABLE)
@@ -562,13 +566,28 @@ public class IntentFilter implements Parcelable {
        final int N = mDataSchemes.size();
        for (int i = 0; i < N; i++) {
            final String scheme = mDataSchemes.get(i);
-            if (!SCHEME_HTTP.equals(scheme) && !SCHEME_HTTPS.equals(scheme)) {
-                return false;
+            final boolean isWebScheme =
+                    SCHEME_HTTP.equals(scheme) || SCHEME_HTTPS.equals(scheme);
+            if (onlyWebSchemes) {
+                // If we're specifically trying to ensure that there are no non-web schemes
+                // declared in this filter, then if we ever see a non-http/https scheme then
+                // we know it's a failure.
+                if (!isWebScheme) {
+                    return false;
+                }
+            } else {
+                // If we see any http/https scheme declaration in this case then the
+                // filter matches what we're looking for.
+                if (isWebScheme) {
+                    return true;
+                }
            }
        }

-        // Everything passed, so it's an only-web-URIs filter
-        return true;
+        // We get here if:
+        //   1) onlyWebSchemes and no non-web schemes were found, i.e success; or
+        //   2) !onlyWebSchemes and no http/https schemes were found, i.e. failure.
+        return onlyWebSchemes;
    }

    /**
@@ -585,7 +604,7 @@ public class IntentFilter implements Parcelable {
     * @hide
     */
    public final boolean needsVerification() {
-        return getAutoVerify() && hasOnlyWebDataURI();
+        return getAutoVerify() && handlesWebUris(true);
    }

    /**
--- a/services/core/java/com/android/server/pm/PackageManagerService.java
+++ b/services/core/java/com/android/server/pm/PackageManagerService.java
@@ -12138,7 +12138,7 @@ public class PackageManagerService extends IPackageManager.Stub {
                final int verificationId = mIntentFilterVerificationToken++;
                for (PackageParser.Activity a : pkg.activities) {
                    for (ActivityIntentInfo filter : a.intents) {
-                        if (filter.hasOnlyWebDataURI() && needsNetworkVerificationLPr(filter)) {
+                        if (filter.handlesWebUris(true) && needsNetworkVerificationLPr(filter)) {
                            if (DEBUG_DOMAIN_VERIFICATION) Slog.d(TAG,
                                    "Verification needed for IntentFilter:" + filter.toString());
                            mIntentFilterVerifier.addOneIntentFilterVerification(