Chromium Code Reviews Chromium Code Reviews
Issue 1989283002:
Upstream: Launch WebApkActivity from WebAPK. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| diff --git a/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java b/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| index c25ccaebbc11b28233f726ba673aa941fe847384..7a30b21748e08735faf8c11ceb19c2036b1cd5f8 100644 |
| --- a/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| +++ b/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| @@ -13,14 +13,17 @@ import android.util.Base64; |
| import org.chromium.base.ApiCompatibilityUtils; |
| import org.chromium.base.ApplicationStatus; |
| +import org.chromium.base.CommandLine; |
| import org.chromium.base.ContextUtils; |
| import org.chromium.base.Log; |
| +import org.chromium.chrome.browser.ChromeSwitches; |
| import org.chromium.chrome.browser.IntentHandler; |
| import org.chromium.chrome.browser.ShortcutHelper; |
| import org.chromium.chrome.browser.document.ChromeLauncherActivity; |
| import org.chromium.chrome.browser.metrics.LaunchMetrics; |
| import org.chromium.chrome.browser.tab.Tab; |
| import org.chromium.chrome.browser.util.IntentUtils; |
| +import org.chromium.webapk.lib.client.WebApkValidator; |
| import java.lang.ref.WeakReference; |
| @@ -51,24 +54,22 @@ public class WebappLauncherActivity extends Activity { |
| Intent intent = getIntent(); |
| String webappId = webappInfo.id(); |
| String webappUrl = webappInfo.uri().toString(); |
| + String webappPackageName = webappInfo.packageName(); |
| int webappSource = webappInfo.source(); |
| if (webappId != null && webappUrl != null) { |
| - String webappMacString = IntentUtils.safeGetStringExtra( |
| - intent, ShortcutHelper.EXTRA_MAC); |
| - byte[] webappMac = |
| - webappMacString == null ? null : Base64.decode(webappMacString, Base64.DEFAULT); |
| - |
| Intent launchIntent = null; |
| - // Permit the launch to a standalone web app frame if the intent was sent by Chrome, or |
| - // if the MAC is present and valid for the URL to be opened. |
| - boolean isTrusted = IntentHandler.wasIntentSenderChrome(intent, |
| - ContextUtils.getApplicationContext()); |
| - boolean isUrlValid = (webappMac != null |
| - && WebappAuthenticator.isUrlValid(this, webappUrl, webappMac)); |
| - |
| - if (isTrusted || isUrlValid) { |
| + // Permit the launch to a standalone web app frame if: |
| + // - the request was for a WebAPK that is valid |
| + // - the MAC is present and valid for the homescreen shortcut to be opened. |
| + // - the intent was sent by Chrome |
| + boolean isWebApk = CommandLine.getInstance().hasSwitch(ChromeSwitches.ENABLE_WEBAPK) |
| + && isValidWebApk(webappPackageName, webappUrl); |
| + if (isWebApk |
| + || isValidFullscreenPwa(webappUrl, IntentUtils.safeGetStringExtra( |
| + intent, ShortcutHelper.EXTRA_MAC)) |
| + || wasIntentFromChrome(intent)) { |
|
pkotwicz
2016/05/18 23:00:17
The security review will take a lot of time (and i
Xi Han
2016/05/19 18:31:50
Good idea, since the security check isn't the focu
|
| LaunchMetrics.recordHomeScreenLaunchIntoStandaloneActivity(webappUrl, webappSource); |
| String activityName = WebappActivity.class.getName(); |
| @@ -94,12 +95,11 @@ public class WebappLauncherActivity extends Activity { |
| // launch the URL with a VIEW Intent in the regular browser. |
| launchIntent = new Intent(Intent.ACTION_VIEW, Uri.parse(webappUrl)); |
| launchIntent.setClassName(getPackageName(), ChromeLauncherActivity.class.getName()); |
| - launchIntent.putExtra(ShortcutHelper.REUSE_URL_MATCHING_TAB_ELSE_NEW_TAB, true); |
| - launchIntent.putExtra(ShortcutHelper.EXTRA_SOURCE, webappSource); |
| } |
| - |
| - launchIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK |
| - | ApiCompatibilityUtils.getActivityNewDocumentFlag()); |
| + if (!isWebApk) { |
| + launchIntent.setFlags(Intent.FLAG_ACTIVITY_NEW_TASK |
| + | ApiCompatibilityUtils.getActivityNewDocumentFlag()); |
| + } |
| startActivity(launchIntent); |
| } |
| @@ -107,6 +107,42 @@ public class WebappLauncherActivity extends Activity { |
| } |
| /** |
| + * Checks whether the package being targeted is a valid WebAPK and whether the url supplied |
| + * can be fulfilled by that WebAPK. |
| + * @param webapkPackage The package name of the requested WebAPK |
| + * @param url The url to navigate to |
| + * @return true iff all validation criteria are met |
| + */ |
| + private boolean isValidWebApk(String webapkPackage, String url) { |
| + boolean isValidWebApk = WebApkValidator.isValidWebApk(this, webapkPackage); |
| + if (!isValidWebApk) { |
| + Log.d(TAG, "isValidWebApk(pkg=\"" + webapkPackage + "\",url=\"" + url + "\")=false"); |
| + return false; |
| + } |
| + |
| + boolean result = webapkPackage != null |
| + && webapkPackage.equals(WebApkValidator.queryWebApkPackage(this, url)); |
| + Log.d(TAG, "isValidWebApk(pkg=\"" + webapkPackage + "\",url=\"" + url + "\")=" + result); |
| + return result; |
| + } |
| + |
| + /** |
| + * Returns whether the MAC is present and valid for the fullscreen PWA to be opened. |
| + * @param url the url to launch |
| + * @param mac the MAC code provided which must match the requested url |
| + * @return whether the supplied MAC is valid for the supplied url |
| + */ |
| + private boolean isValidFullscreenPwa(String url, String mac) { |
| + return mac != null |
| + && WebappAuthenticator.isUrlValid(this, url, Base64.decode(mac, Base64.DEFAULT)); |
| + } |
| + |
| + private boolean wasIntentFromChrome(Intent intent) { |
| + return IntentHandler.wasIntentSenderChrome(intent, |
| + ContextUtils.getApplicationContext()); |
| + } |
| + |
| + /** |
| * Brings a live WebappActivity back to the foreground if one exists for the given tab ID. |
| * @param tabId ID of the Tab to bring back to the foreground. |
| * @return True if a live WebappActivity was found, false otherwise. |
