| Age | Commit message (Collapse) | Author |
|---|
|
Brings AOSP up to a true representative implementation which can be
shipped on production devices.
Bug: 171219506
Test: manual, push AOSP, pm enable, pm verify-app-links
Change-Id: I5de6405afe884a19d35d09b266457c4ad4eee91b
|
|
Symptom:
StatementService was crashed due to the exception;
"java.lang.IllegalStateException: cache is closed"
Root cause:
The http cache is deleted at DirectStatementService#onDestroy
in main thread. If a worker thread is still alive and it tries to
access the cache, it fails with IllegalStateException.
Solution:
The request of deleting a cache was moved from the main thread to
worker. Now, the cache can be deleted safely.
Bug: 73911877
Change-Id: I61f4e62b00e35f4a272ef983758e61ef3bf2d180
|
|
This is to support CTS's ability to check that the expected verifications
are indeed being performed by the currently active verifier.
Bug 27482754
Change-Id: Iccb9bd273c7893f04e45bfca0708dcfdde595a3e
|
|
For intent filters that match "*.example.tld" hosts, we now look at
https://example.tld/... to validate the claim.
Change-Id: I9725058fa45e85c96ed4a07781b3f989ac6fd661
|
|
BUG=21596311
Change-Id: Ia98925a4310046ef4d8117afe0b278e6a414dac6
|
|
* Change the well known file location to assetlinks.json.
* Cleanup http connection after verification.
BUG=21487368
BUG=21163039
Change-Id: I0d317ac32c44933af7ed9a98ff1b0efa13eb44b1
|
|
JSONObject parser is too lenient when parsing Json string. Security review
suggested us to use a stricter parser, which we implemented with
JsonReader in this CL.
BUG=20665035
Change-Id: I379976731a1d35ef8ec746f3a6e78be998370f00
|
|
Remove wildcard relation support.
BUG=21343000
Change-Id: I93f4ddf05e7efed78f3ea4a477917cef2836a4a0
|
|
For security reason, disallow HTTP include files if the source asset is
a HTTPS site or an Android app.
Change the include statement field name from "delegate" to "include".
Bug: 20323096
Change-Id: Ifc12b61657c9c89a670b9d7c3220853321c15dea
|
|
Change the location of statement file for web asset
from /.well-known/associations.json to /.well-known/statements.json.
BUG=21153250
Change-Id: Ie8538b852d62c54254c895e0abadc7f502ea2181
|
|
This commit adds a verifier that verifies a host delegates permission for
an app to handle Url for the host using the Statement protocol.
- Implements the Statement protocol
-- The protocol defines a file format that represents statements.
-- The protocol defines where each asset type should put their statement
declaration. For web asset, the statement file should be hosted at
<scheme>://<host>:<port>/.well-known/associations.json.
- Implements IntentFilterVerificationReceiver, an interface between
StatementService and PackageManager. PackageManager will send a
broadcast with action Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION.
The service will process the request and returns the results by calling
PackageManager.verifyIntentFilter().
To verify an IntentFilter like this defined in Android app com.test.app
<intent-filter>
<data android:scheme="https" />
<data android:host="www.test.com" />
<data android:pathPattern=".*"/>
</intent-filter>
The service will try to retrieve the statement file from
https://www.test.com:443/.well-known/associations.json and try to find
a JSON object equivalent to
{'relation': ['delegate_permission/common.handle_all_urls'],
'target': {'namespace': 'android_app',
'package_name': 'com.test.app',
'sha256_cert_fingerprints': [APP_CERT_FP]}}
The entry should have the correct relation, package name, and
certificate sha256 fingerprint.
Because this implementation will send a HTTP request for each host
specified in the intent-filter in AndroidManifest.xml, to avoid overwhelming
the network at app install time, we limit the maximum number of hosts we will
verify for a single app to 10. Any app with more than 10 hosts in the
autoVerify=true intent-filter won't be auto verified.
Change-Id: I787c9d176e4110aa441eb5fe4fa9651a071c6610
|
