| d160479a24c28b5cf142483e8449967ec55bcf33 |
18-Jan-2018 |
Hidehiko Tsuchiya <hidehiko.xa.tsuchiya@sonymobile.com> |
Defer deleting a http cache
Symptom:
StatementService was crashed due to the exception;
"java.lang.IllegalStateException: cache is closed"
Root cause:
The http cache is deleted at DirectStatementService#onDestroy
in main thread. If a worker thread is still alive and it tries to
access the cache, it fails with IllegalStateException.
Solution:
The request of deleting a cache was moved from the main thread to
worker. Now, the cache can be deleted safely.
Cherrypick from AOSP master.
Bug: 73911877
Test: manual
Change-Id: I61f4e62b00e35f4a272ef983758e61ef3bf2d180
Merged-In: I61f4e62b00e35f4a272ef983758e61ef3bf2d180
om/android/statementservice/DirectStatementService.java
|
| eb87a4d969c8282ff0c257541a42e499a99d32c7 |
28-Apr-2016 |
Christopher Tate <ctate@google.com> |
Always log web link filter verification parameters
This is to support CTS's ability to check that the expected verifications
are indeed being performed by the currently active verifier.
Bug 27482754
Change-Id: Iccb9bd273c7893f04e45bfca0708dcfdde595a3e
om/android/statementservice/IntentFilterVerificationReceiver.java
|
| d268a221dce09803d24a341543c9bc71fd09f3ce |
20-Feb-2016 |
Christopher Tate <ctate@google.com> |
Implement wildcard-host policy in reference autoVerify implementation
For intent filters that match "*.example.tld" hosts, we now look at
https://example.tld/... to validate the claim.
Change-Id: I9725058fa45e85c96ed4a07781b3f989ac6fd661
om/android/statementservice/IntentFilterVerificationReceiver.java
|
| 5fcbb9d0c17e073fb28c7169e80fa7bb8e61c6b1 |
15-Jun-2015 |
Joseph Wen <josephwen@google.com> |
Retry intent verification 3 times before failing.
BUG=21596311
Change-Id: Ia98925a4310046ef4d8117afe0b278e6a414dac6
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/URLFetcher.java
|
| 871fe6ed66e9de1369fbc7e4a145f98272b88c0b |
09-Jun-2015 |
Joseph Wen <josephwen@google.com> |
Update Statement Service
* Change the well known file location to assetlinks.json.
* Cleanup http connection after verification.
BUG=21487368
BUG=21163039
Change-Id: I0d317ac32c44933af7ed9a98ff1b0efa13eb44b1
om/android/statementservice/retriever/AbstractStatementRetriever.java
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/Statement.java
om/android/statementservice/retriever/URLFetcher.java
|
| 3bbc90992645934df523762f7dcdb097eae366d5 |
26-May-2015 |
Joseph Wen <josephwen@google.com> |
Update Statement Service.
JSONObject parser is too lenient when parsing Json string. Security review
suggested us to use a stricter parser, which we implemented with
JsonReader in this CL.
BUG=20665035
Change-Id: I379976731a1d35ef8ec746f3a6e78be998370f00
om/android/statementservice/retriever/AbstractAsset.java
om/android/statementservice/retriever/AssetFactory.java
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/JsonParser.java
om/android/statementservice/retriever/StatementParser.java
|
| b409110cc114c30ddd6a3a64e6c2395caf413dec |
22-May-2015 |
Joseph Wen <josephwen@google.com> |
Update Statement Service
Remove wildcard relation support.
BUG=21343000
Change-Id: I93f4ddf05e7efed78f3ea4a477917cef2836a4a0
om/android/statementservice/retriever/Relation.java
|
| 8c7d99c2b77acbcbbdcbf0dcab61a07767d5dd1b |
23-Apr-2015 |
Joseph Wen <josephwen@google.com> |
Update the Statement Service. DO NOT MERGE
For security reason, disallow HTTP include files if the source asset is
a HTTPS site or an Android app.
Change the include statement field name from "delegate" to "include".
Bug: 20323096
Change-Id: Ifc12b61657c9c89a670b9d7c3220853321c15dea
om/android/statementservice/retriever/AbstractAsset.java
om/android/statementservice/retriever/AndroidAppAsset.java
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/URLFetcher.java
om/android/statementservice/retriever/Utils.java
om/android/statementservice/retriever/WebAsset.java
|
| d28bb6e3ac02ff9e7c6f8a38419957035ca31717 |
14-May-2015 |
Joseph Wen <josephwen@google.com> |
Change the location of Brandmaster statement file.
Change the location of statement file for web asset
from /.well-known/associations.json to /.well-known/statements.json.
BUG=21153250
Change-Id: Ie8538b852d62c54254c895e0abadc7f502ea2181
om/android/statementservice/retriever/AbstractStatementRetriever.java
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/Statement.java
|
| 6a34bb2d6a6cbc7a70bdf0c53d238dc28e0b1d58 |
25-Feb-2015 |
Joseph Wen <josephwen@google.com> |
Implement IntentFilter verification service.
This commit adds a verifier that verifies a host delegates permission for
an app to handle Url for the host using the Statement protocol.
- Implements the Statement protocol
-- The protocol defines a file format that represents statements.
-- The protocol defines where each asset type should put their statement
declaration. For web asset, the statement file should be hosted at
<scheme>://<host>:<port>/.well-known/associations.json.
- Implements IntentFilterVerificationReceiver, an interface between
StatementService and PackageManager. PackageManager will send a
broadcast with action Intent.ACTION_INTENT_FILTER_NEEDS_VERIFICATION.
The service will process the request and returns the results by calling
PackageManager.verifyIntentFilter().
To verify an IntentFilter like this defined in Android app com.test.app
<intent-filter>
<data android:scheme="https" />
<data android:host="www.test.com" />
<data android:pathPattern=".*"/>
</intent-filter>
The service will try to retrieve the statement file from
https://www.test.com:443/.well-known/associations.json and try to find
a JSON object equivalent to
{'relation': ['delegate_permission/common.handle_all_urls'],
'target': {'namespace': 'android_app',
'package_name': 'com.test.app',
'sha256_cert_fingerprints': [APP_CERT_FP]}}
The entry should have the correct relation, package name, and
certificate sha256 fingerprint.
Because this implementation will send a HTTP request for each host
specified in the intent-filter in AndroidManifest.xml, to avoid overwhelming
the network at app install time, we limit the maximum number of hosts we will
verify for a single app to 10. Any app with more than 10 hosts in the
autoVerify=true intent-filter won't be auto verified.
Change-Id: I787c9d176e4110aa441eb5fe4fa9651a071c6610
om/android/statementservice/DirectStatementService.java
om/android/statementservice/ExceptionLoggingFutureTask.java
om/android/statementservice/IntentFilterVerificationReceiver.java
om/android/statementservice/retriever/AbstractAsset.java
om/android/statementservice/retriever/AbstractAssetMatcher.java
om/android/statementservice/retriever/AbstractStatementRetriever.java
om/android/statementservice/retriever/AndroidAppAsset.java
om/android/statementservice/retriever/AndroidAppAssetMatcher.java
om/android/statementservice/retriever/AndroidPackageInfoFetcher.java
om/android/statementservice/retriever/AssetFactory.java
om/android/statementservice/retriever/AssetJsonWriter.java
om/android/statementservice/retriever/AssetMatcherFactory.java
om/android/statementservice/retriever/AssociationServiceException.java
om/android/statementservice/retriever/DirectStatementRetriever.java
om/android/statementservice/retriever/ParsedStatement.java
om/android/statementservice/retriever/Relation.java
om/android/statementservice/retriever/Statement.java
om/android/statementservice/retriever/StatementParser.java
om/android/statementservice/retriever/URLFetcher.java
om/android/statementservice/retriever/Utils.java
om/android/statementservice/retriever/WebAsset.java
om/android/statementservice/retriever/WebAssetMatcher.java
om/android/statementservice/retriever/WebContent.java
|