Fix: Don't apply single-origin mode to native apps (#667)

An unwarranted use of the Elivs operator in Form.kt makes it such that
the restrictions of single-origin mode also apply to native apps.

This commit fixes the bug and also reduces the number of intermediate
values that can mask mistakes like this one.

It also renames saveFlag to saveFlags in BrowserAutofillSupportInfo
since this variable is not limited to contain only a single flag.
This commit is contained in:
Fabian Henneke 2020-03-26 16:29:19 +01:00 committed by GitHub
parent e05b544894
commit a736dcc255
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 16 deletions

View file

@ -141,7 +141,7 @@ private fun getBrowserSaveFlag(appPackage: String): Int? = BROWSER_SAVE_FLAG[app
data class BrowserAutofillSupportInfo(
val multiOriginMethod: BrowserMultiOriginMethod,
val saveFlag: Int?
val saveFlags: Int?
)
@RequiresApi(Build.VERSION_CODES.O)
@ -152,7 +152,7 @@ fun getBrowserAutofillSupportInfoIfTrusted(
if (!isTrustedBrowser(context, appPackage)) return null
return BrowserAutofillSupportInfo(
multiOriginMethod = getBrowserMultiOriginMethod(appPackage),
saveFlag = getBrowserSaveFlag(appPackage)
saveFlags = getBrowserSaveFlag(appPackage)
)
}
@ -175,7 +175,7 @@ private fun getBrowserAutofillSupportLevel(
val browserInfo = getBrowserAutofillSupportInfoIfTrusted(context, appPackage)
return when {
browserInfo == null -> BrowserAutofillSupportLevel.None
browserInfo.saveFlag != null -> BrowserAutofillSupportLevel.FillAndSave
browserInfo.saveFlags != null -> BrowserAutofillSupportLevel.FillAndSave
appPackage in FLAKY_BROWSERS -> BrowserAutofillSupportLevel.FlakyFill
else -> BrowserAutofillSupportLevel.Fill
}

View file

@ -81,15 +81,9 @@ private class Form(context: Context, structure: AssistStructure, isManualRequest
private var appPackage = structure.activityComponent.packageName
private val browserAutofillSupportInfo =
private val trustedBrowserInfo =
getBrowserAutofillSupportInfoIfTrusted(context, appPackage)
private val isTrustedBrowser = browserAutofillSupportInfo != null
private val browserMultiOriginMethod =
browserAutofillSupportInfo?.multiOriginMethod ?: BrowserMultiOriginMethod.None
private val singleOriginMode = browserMultiOriginMethod == BrowserMultiOriginMethod.None
val saveFlags = browserAutofillSupportInfo?.saveFlag
val saveFlags = trustedBrowserInfo?.saveFlags
private val webOrigins = mutableSetOf<String>()
@ -114,7 +108,7 @@ private class Form(context: Context, structure: AssistStructure, isManualRequest
private fun visitFormNode(node: AssistStructure.ViewNode, inheritedWebOrigin: String? = null) {
trackOrigin(node)
val field =
if (browserMultiOriginMethod == BrowserMultiOriginMethod.WebView) {
if (trustedBrowserInfo?.multiOriginMethod == BrowserMultiOriginMethod.WebView) {
FormField(node, fieldIndex, true, inheritedWebOrigin)
} else {
check(inheritedWebOrigin == null)
@ -135,12 +129,12 @@ private class Form(context: Context, structure: AssistStructure, isManualRequest
private fun detectFieldsToFill(isManualRequest: Boolean) = autofillStrategy.match(
relevantFields,
singleOriginMode = singleOriginMode,
singleOriginMode = trustedBrowserInfo?.multiOriginMethod == BrowserMultiOriginMethod.None,
isManualRequest = isManualRequest
)
private fun trackOrigin(node: AssistStructure.ViewNode) {
if (!isTrustedBrowser) return
if (trustedBrowserInfo == null) return
node.webOrigin?.let {
if (it !in webOrigins) {
d { "Origin encountered: $it" }
@ -159,14 +153,14 @@ private class Form(context: Context, structure: AssistStructure, isManualRequest
private fun determineFormOrigin(context: Context): FormOrigin? {
if (scenario == null) return null
if (!isTrustedBrowser || webOrigins.isEmpty()) {
if (trustedBrowserInfo == null || webOrigins.isEmpty()) {
// Security assumption: If a trusted browser includes no web origin in the provided
// AssistStructure, then the form is a native browser form (e.g. for a sync password).
// TODO: Support WebViews in apps via Digital Asset Links
// See: https://developer.android.com/reference/android/service/autofill/AutofillService#web-security
return FormOrigin.App(appPackage)
}
return when (browserMultiOriginMethod) {
return when (trustedBrowserInfo.multiOriginMethod) {
BrowserMultiOriginMethod.None -> {
// Security assumption: If a browser is trusted but does not support tracking
// multiple origins, it is expected to annotate a single field, in most cases its