Chromium Code Reviews Chromium Code Reviews
Issue 2010403002:
Upstream: Add WebAPK security check in WebappLauncherActivity. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| diff --git a/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java b/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| index 61777d059362a5bd6fa71c98329e9c1ab0712881..2a55d8bba4a147d22ba5d29ab1900d8b3c581f7c 100644 |
| --- a/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| +++ b/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java |
| @@ -23,7 +23,7 @@ import org.chromium.chrome.browser.document.ChromeLauncherActivity; |
| import org.chromium.chrome.browser.metrics.LaunchMetrics; |
| import org.chromium.chrome.browser.tab.Tab; |
| import org.chromium.chrome.browser.util.IntentUtils; |
| -import org.chromium.webapk.lib.common.WebApkConstants; |
| +import org.chromium.webapk.lib.client.WebApkValidator; |
| import java.lang.ref.WeakReference; |
| @@ -58,25 +58,18 @@ public class WebappLauncherActivity extends Activity { |
| int webappSource = webappInfo.source(); |
| if (webappId != null && webappUrl != null) { |
| - String webappMacString = IntentUtils.safeGetStringExtra( |
| - intent, ShortcutHelper.EXTRA_MAC); |
| - byte[] webappMac = |
| - webappMacString == null ? null : Base64.decode(webappMacString, Base64.DEFAULT); |
| - |
| Intent launchIntent = null; |
| - // Permit the launch to a standalone web app frame if the intent was sent by Chrome, or |
| - // if the MAC is present and valid for the URL to be opened. |
| - boolean isTrusted = IntentHandler.wasIntentSenderChrome(intent, |
| - ContextUtils.getApplicationContext()); |
| - boolean isUrlValid = (webappMac != null |
| - && WebappAuthenticator.isUrlValid(this, webappUrl, webappMac)); |
| - boolean isValidWebApk = isValidWebApk(webApkPackageName); |
| - if (webApkPackageName != null && !isValidWebApk) { |
| - isUrlValid = false; |
| - } |
| + // Permit the launch to a standalone web app frame if: |
| + // - the request was for a WebAPK that is valid; |
| + // - the MAC is present and valid for the homescreen shortcut to be opened; |
| + // - the intent was sent by Chrome. |
| + boolean isValidWebApk = isValidWebApk(webApkPackageName, webappUrl); |
| - if (isTrusted || isUrlValid) { |
| + if (isValidWebApk |
| + || isValidFullscreenPwa(webappUrl, IntentUtils.safeGetStringExtra( |
| + intent, ShortcutHelper.EXTRA_MAC)) |
| + || wasIntentFromChrome(intent)) { |
| LaunchMetrics.recordHomeScreenLaunchIntoStandaloneActivity(webappUrl, webappSource); |
| launchIntent = createWebappLaunchIntent(webappInfo, isValidWebApk); |
| } else { |
| @@ -99,6 +92,22 @@ public class WebappLauncherActivity extends Activity { |
| } |
| /** |
| + * Returns whether the MAC is present and valid for the fullscreen PWA to be opened. |
|
pkotwicz
2016/05/27 15:20:15
Nit: PWA -> "Progressive Web App" dfalcantara@ wil
|
| + * @param url the url to launch. |
| + * @param mac the MAC code provided which must match the requested url. |
| + * @return whether the supplied MAC is valid for the supplied url. |
| + */ |
| + private boolean isValidFullscreenPwa(String url, String mac) { |
| + return mac != null |
| + && WebappAuthenticator.isUrlValid(this, url, Base64.decode(mac, Base64.DEFAULT)); |
| + } |
| + |
| + private boolean wasIntentFromChrome(Intent intent) { |
| + return IntentHandler.wasIntentSenderChrome(intent, |
| + ContextUtils.getApplicationContext()); |
| + } |
| + |
| + /* |
| * Creates an Intent to launch the web app. |
| * @param info Information about the web app. |
| * @param isWebApk If true, launch the app as a WebApkActivity. If false, launch the app as |
| @@ -157,15 +166,27 @@ public class WebappLauncherActivity extends Activity { |
| } |
| /** |
| - * Checks whether the package being targeted is a valid WebAPK. |
| - * @param webapkPackageName The package name of the requested WebAPK. |
| + * Checks whether the package being targeted is a valid WebAPK and whether the url supplied |
| + * can be fulfilled by that WebAPK. |
| + * |
| + * @param webapkPackage The package name of the requested WebAPK. |
|
pkotwicz
2016/05/27 15:20:16
For the sake of consistency: webapkPackage -> webA
Xi Han
2016/05/27 15:34:32
Done.
|
| + * @param url The url to navigate to. |
| * @return true iff all validation criteria are met. |
| */ |
| - private boolean isValidWebApk(String webapkPackageName) { |
| - // TODO(hanxi): Adds more validation checks. For example, whether the WebAPK is signed |
| - // by the WebAPK Minting Server. |
| - return CommandLine.getInstance().hasSwitch(ChromeSwitches.ENABLE_WEBAPK) |
| - && webapkPackageName != null |
| - && webapkPackageName.startsWith(WebApkConstants.WEBAPK_PACKAGE_PREFIX); |
| + private boolean isValidWebApk(String webapkPackage, String url) { |
| + if (!CommandLine.getInstance().hasSwitch(ChromeSwitches.ENABLE_WEBAPK)) { |
| + return false; |
| + } |
| + |
| + boolean isValidWebApk = WebApkValidator.isValidWebApk(this, webapkPackage); |
|
pkotwicz
2016/05/27 15:20:15
This can be cleaned up a bit. How about:
if (webA
Xi Han
2016/05/27 15:34:32
Done.
|
| + if (!isValidWebApk) { |
| + Log.d(TAG, "isValidWebApk(pkg=\"" + webapkPackage + "\",url=\"" + url + "\")=false"); |
| + return false; |
| + } |
| + |
| + boolean result = webapkPackage != null |
| + && webapkPackage.equals(WebApkValidator.queryWebApkPackage(this, url)); |
| + Log.d(TAG, "isValidWebApk(pkg=\"" + webapkPackage + "\",url=\"" + url + "\")=" + result); |
| + return result; |
| } |
| } |
