
Side by Side Diff: chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java

Issue 2409483002: Read the bare minimum of data from the WebAPK launch intent. (Closed)
Patch Set: Merge branch 'startup_crash0' into security Created 4 years, 2 months ago
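--- a/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/webapps/WebappLauncherActivity.java
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.chrome.browser.webapps;
 
 import android.app.Activity;
 import android.content.Intent;
 import android.net.Uri;
 import android.os.Build;
@@ -56,20 +56,33 @@
 if (webappInfo == null) return;
 
 String webappUrl = webappInfo.uri().toString();
 String webApkPackageName = webappInfo.webApkPackageName();
 int webappSource = webappInfo.source();
 String webappMac = IntentUtils.safeGetStringExtra(intent, ShortcutHelper .EXTRA_MAC);
 
 ChromeWebApkHost.init();
 boolean isValidWebApk = isValidWebApk(webApkPackageName, webappUrl);
 
+if (isValidWebApk) {
+// {@link #isValidWebApk} checks whether the start URL sent in the i ntent is in the
+// scope of a WebAPK but it does not check that the intent was sent from Chrome. Unlike
+// non-WebAPK web apps, WebAPK ids are predictable. A malicious acto r may send an intent
+// with a valid start URL and arbitrary other data. Only use the sta rt URL, the package
+// name and the ShortcutSource from the launch intent and extract th e remaining data
+// from the <meta-data> in the WebAPK's Android manifest.
+webappInfo = WebApkMetaDataUtils.extractWebappInfoFromWebApk(
+webApkPackageName, webappUrl, webappInfo.source());
+
+if (webappInfo == null) return;
+}
+
 // Permit the launch to a standalone web app frame if any of the followi ng are true:
 // - the request was for a WebAPK that is valid;
 // - the MAC is present and valid for the homescreen shortcut to be open ed;
 // - the intent was sent by Chrome.
 if (isValidWebApk || isValidMacForUrl(webappUrl, webappMac)
 || wasIntentFromChrome(intent)) {
 LaunchMetrics.recordHomeScreenLaunchIntoStandaloneActivity(webappUrl , webappSource);
 Intent launchIntent = createWebappLaunchIntent(webappInfo, webappSou rce, isValidWebApk);
 startActivity(launchIntent);
 return;
@@ -190,10 +203,10 @@
 if (webApkPackage == null || !ChromeWebApkHost.isEnabled()) {
 return false;
 }
 if (!webApkPackage.equals(WebApkValidator.queryWebApkPackage(this, url)) ) {
 Log.d(TAG, "%s is not within scope of %s WebAPK", url, webApkPackage );
 return false;
 }
 return true;
 }
 }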
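Review bot: At new line 76 a `null` result from `extractWebappInfoFromWebApk` drops the launch with a bare `return` and no log line, so a WebAPK with missing or malformed `<meta-data>` is indistinguishable from a rejected forged intent when triaging; a line such as `Log.d(TAG, "No usable meta-data in %s for %s", webApkPackageName, webappUrl);` before the return would match the logging already done in `isValidWebApk`. The enclosing method starts and ends outside the visible lines, so whether the activity is finished after this early return cannot be confirmed from here and is worth checking. The ShortcutSource is still the intent-supplied value and flows into `LaunchMetrics.recordHomeScreenLaunchIntoStandaloneActivity`, so a third-party sender can presumably still skew that metric; a range check or a fixed WebAPK source value would close that. As a style point, line 74 re-reads `webappInfo.source()` although `webappSource` already holds it from line 60; `webApkPackageName, webappUrl, webappSource);` makes it clearer which intent fields survive the rebuild.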
