A key bit of code was lost in change 38/25338/5 (2009/09/17 change
of RequestQueue.java) which caused us to not pick up proxy settings.
Putting it back.
bug:2364475
Change-Id: I1e79858f64d8e793a966ef8e6f7a0d3f2a02251f
It's the base class for some public classes, so it needs to be public
as well according to the CTS rules.
Bug: 2537352
Change-Id: Ie2f8141d56907e1d0f4a3a040204b7b14d1fd79a
buffer is full. In that case, WebCore instructs the laoder to pause loading to give the plugin a chance to clear it's buffer and
continue.
Requires an external/webkit change.
Change-Id: Iec96a6325d92e979cbdc53289c2a20cad940ded2
Two more cases of "View certificate" problems like b/2511635
One problem is that if there are multiple resources downloaded for a
page. In that case the mCertificate shown ends up being from the last
loaded resource instead of the main resource of the page. The solution
is to only set the certificate if the LoadListener is the
mIsMainResourceLoader as well as the mIsMainPageLoader.
A larger problem was the fact that the EventHandler.certificate
interface method (in this case the LoadListener.certificate
implementation) once per https connection instead of once per request
as was documented. That meant if an https connection was reused (which
happens frequently on login pages such as
https://www.google.com/accounts which use the POST -> redirect -> GET
idiom to avoid POST data page refresh warnings) then later pages never
were associated with an SslCertificate.
The solution was to change EventHandler.certificate to be called once
per request, specifcally before the request. This means we no longer
call the certificate method in the handleSslErrorRequest case, which
is okay because it includes the SslCertificate within the SslError and
that is what the BrowserActivity expects.
Change-Id: Icbd9bd98c89db82762d1d06de85e1cde2470300d
If the phone comes up in airplane mode you and you turn it off,
you can currently end with both mobile and wifi turned on.
bug:2524413
Change-Id: I7a841c955be9038109d0b220070406a3fbd3e8e9
Bug shows we lost contact with the phone service. We used to leave the notion of enabled alone
in this case, but that can lead to being out of sync (the mobile data connection may be
alive or come alive but if we think it is dead we ignore it). Changing our
notion of its enabled-ness to 'enabled' means we'll pay attention to its messages going forward,
and since after a reboot it starts enabled we'll actually be in sync.
bug:2323057
Change-Id: Ie080b50d764e6879e712507aceb68f585f12f94e
A recent change made the HiPri MobileDataStateTracker listen for notifications
about the default connection (which HiPri shadows). Local code was sending
itself a notification using the old HiPri badging instead of the new Default
badging and those notifications where therefore ignored.
Manifested itself on HiPri connections when we were already on 3g.
See change 42422 on master platform/frameworks/base for the change this is completing.
Change-Id: I375026048724d0035297287c61c6c2f58d4e0294
Currently, the regex used to extract the port matches ':' followed by 1 or more
digits. This means that when passed a malformed URL of type <host>:<path>, no
match is made for the port and the ':' is matched as part of the path. Since the
handling of the path adds a leading '/' where absent (see http://b/1011602),
this leads to the URL being converted to <host>/:<path>.
This change updates the port regex to match ':' followed by zero or more digits.
This means that the ':' is always matched, so it does not leak into the path
and the result is <host><path>. This matches the behavior of desktop browsers.
Bug: 2494876
Change-Id: I34b47c8187cf03aa7674c14cd6593de53dce3169
Also make the usb interface configuration more robust so retries are possible.
Makes all Tethering errors recoverable - no harm letting them try again anyway. Worst case
is they need to reboot.
To avoid external tampering with Dates withing SslCertificate by code
holding on to pointers to Dates used in the constructor or code
mutating values returned by the accessors, we now clone Dates taking
in as arguments and returned to callers.
While working on out openssl code, I found a Y2k bug that the dates
from invalidate certificates could be shown as 1909 instead of 2009.
The reason was because SslCertificate/BrowserActivity passed the
values around as Strings even though the started as Dates (from
X509Certificate) and were converted backed to Dates before
presentation by BrowserActivity's reformatCertificateDate.
SslCertificate now maintains date fields internally as Date objects
without converting them to Strings. The constructor and String
accessors, which are now @deprecated, now specify the format as an ISO
8601 date string which uses 4 digit years.
BrowserActivity now reformatCertificateDate is now simply
formatCertificateDate and no longer has to convert from String to Date
and back to String to get proper Locale formatting.
CTS SslCertificateTest also updated.
This is the framework part, moving classes around so the framework
no longer needs to link to android-common. Makes some APIs public,
others that didn't need to be public are private in the framework,
some small things are copied.
Enhance URL regular expression to match legal one byte Unicode characters in
Internationalized Resource Identifiers as detailed in RFC 3987. Specifically
two byte Unicode characters are not included. Not all things in RFC 3987 is
implemented, this is just an enhancement for recognizing more common used one
byte Unicode characters.
This change helps Browser address bar identify more valid URL without scheme
typed in, such as 현금영수증.kr
make-iana-tld-pattern.py is modified to contain only Top Level Domain
regular expression generation. Other parts of WEB_URL pattern are in
solely in Patters.java for better consistency and maintenance.
Generally clean up the associated SSLCertificateSocketFactory API as well,
change AndroidHttpClient to use this new thing, and make the android-common
library build SDK-clean (woo hoo).
Bug: 2362543
Bug: 2357311
This change cleans the server certificates:
1. Use the end-entity certificate as found in the chain received from the server as the end-entity cert for the newly built chain.
2. Look at the last cert in the newly built chain, specifically it's "issuer" field. If there's a cert in the chain as received with this as the "subject", and this cert hasn't yet been moved into the newly built chain, move it there (as the new last cert). Repeat this step 2 until you can't continue (because there's no matching previously unused cert left).
3. If the last certificate in the new chain has expired (and it's not the end-entity cert), remember this fact, and remove it (so that we can try if we can validating the chain for a different root). If in this case it turns out that we still can't validate the chain, it's probably the cert expiry error that should be displayed.
This CL also cleans the redundant error detection code and reduces the error messages to two types, which are the only two make differences to the user:
a. SSL_IDMISMATCH for name mismatch,
b. SSL_UNTRUSTED for other reasons.
Introduce a callback event observer which can be registered on the
INetworkManagementService instance to receive events from the service.
Signed-off-by: San Mehat <san@google.com>
The MOBILE_MMS, MOBILE_SUPL, MOBILE_DUN and MOBILE_HIPRI net types used
by location, messaging, and vending needed to be exposed.
Bug: 2363272
Change-ID: I6d2361d3642064db619b283b9217512563eb3439
