android_external_chromium-webview_patches/0011-Add-flag-to-disable-external-intent-requests.patch at main · PixelBuildsROM/android_external_chromium-webview_patches · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
From 0c67c658fcb43d655dad70475514b80eda3e527e Mon Sep 17 00:00:00 2001
From: csagan5 <32685696+csagan5@users.noreply.github.com>
Date: Tue, 25 May 2021 19:46:14 +0200
Subject: [PATCH 11/13] Add flag to disable external intent requests

Adds a new flag that allows to control the switch with same name;
when flag is disabled no external intent will ever be allowed,
for any URL except for the tel: schema.
This also reverts commit b710cefb53b558a8bcd884f6baf0229ba4225721 and
enables IntentBlockExternalFormRedirectsNoGesture.

License: GPL-3.0-only - https://spdx.org/licenses/GPL-3.0-only.html
---
 .../java/res/xml/privacy_preferences.xml      |  7 +++-
 .../customtabs/CustomTabDelegateFactory.java  |  2 ++
 .../ExternalNavigationDelegateImpl.java       |  6 ++--
 .../cromite/sAllowExternalIntentRequests.java | 33 +++++++++++++++++++
 ...g-to-disable-external-intent-requests.grdp |  9 +++++
 .../android/external_intents_features.cc      |  6 ++++
 .../android/external_intents_features.h       |  1 +
 .../ExternalIntentsFeatures.java              |  6 ++++
 .../ExternalNavigationHandler.java            | 21 ++++++++++++
 ...ag-to-disable-external-intent-requests.inc | 13 ++++++++
 ...t-Delete-block-external-form-redirects.inc | 15 +++++++++
 ...ag-to-disable-external-intent-requests.inc |  3 ++
 12 files changed, 119 insertions(+), 3 deletions(-)
 create mode 100644 chrome/browser/flags/android/java/src/org/chromium/chrome/browser/flags/cromite/sAllowExternalIntentRequests.java
 create mode 100644 chrome/browser/ui/android/strings/cromite_android_chrome_strings_grd/Add-flag-to-disable-external-intent-requests.grdp
 create mode 100644 cromite_flags/chrome/browser/about_flags_cc/Add-flag-to-disable-external-intent-requests.inc
 create mode 100644 cromite_flags/chrome/browser/about_flags_cc/Revert-Delete-block-external-form-redirects.inc
 create mode 100644 cromite_flags/chrome/browser/flags/android/chrome_feature_list_cc/Add-flag-to-disable-external-intent-requests.inc

diff --git a/chrome/android/java/res/xml/privacy_preferences.xml b/chrome/android/java/res/xml/privacy_preferences.xml
index 1cf95117e63cc..5807c713ce334 100644
--- a/chrome/android/java/res/xml/privacy_preferences.xml
+++ b/chrome/android/java/res/xml/privacy_preferences.xml
@@ -46,7 +46,12 @@ found in the LICENSE file.
         android:title="@string/settings_incognito_tab_lock_title"
         android:summary="@string/settings_incognito_tab_lock_summary_android_setting_off"
         android:persistent="false" />
-
+    <org.chromium.components.browser_ui.settings.ChromeSwitchPreference
+        android:key="allow_external_intent_requests"
+        android:title="@string/allow_external_intent_requests_title"
+        android:summary="@string/allow_external_intent_requests_summary"
+        app:featureName="AllowExternalIntentRequests"
+        app:needRestart="false" />
     <PreferenceCategory
         android:key="security_section"
       android:title="@string/security_section_title" />
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/customtabs/CustomTabDelegateFactory.java b/chrome/android/java/src/org/chromium/chrome/browser/customtabs/CustomTabDelegateFactory.java
index 8ef9688f973bb..a3664f5b53253 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/customtabs/CustomTabDelegateFactory.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/customtabs/CustomTabDelegateFactory.java
@@ -42,6 +42,7 @@ import org.chromium.chrome.browser.ephemeraltab.EphemeralTabCoordinator;
 import org.chromium.chrome.browser.externalnav.ExternalNavigationDelegateImpl;
 import org.chromium.chrome.browser.flags.ActivityType;
 import org.chromium.chrome.browser.flags.ChromeFeatureList;
+import org.chromium.chrome.browser.flags.cromite.sAllowExternalIntentRequests;
 import org.chromium.chrome.browser.fullscreen.BrowserControlsManager;
 import org.chromium.chrome.browser.fullscreen.FullscreenManager;
 import org.chromium.chrome.browser.init.ChromeActivityNativeDelegate;
@@ -171,6 +172,7 @@ public class CustomTabDelegateFactory implements TabDelegateFactory {

         @Override
         public boolean shouldDisableAllExternalIntents() {
+            if (!sAllowExternalIntentRequests.getInstance().isEnabled()) return true;
             return mActivityType == ActivityType.AUTH_TAB
                     && ChromeFeatureList.sCctAuthTabDisableAllExternalIntents.isEnabled();
         }
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
index 65640ecc0b5b8..135da9c7e3c19 100644
--- a/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/externalnav/ExternalNavigationDelegateImpl.java
@@ -27,6 +27,7 @@ import org.chromium.base.ResettersForTesting;
 import org.chromium.build.annotations.NullMarked;
 import org.chromium.build.annotations.Nullable;
 import org.chromium.chrome.browser.ChromeTabbedActivity2;
+import org.chromium.chrome.browser.flags.cromite.sAllowExternalIntentRequests;
 import org.chromium.chrome.browser.IntentHandler;
 import org.chromium.chrome.browser.actor.ActorKeyedServiceFactory;
 import org.chromium.chrome.browser.browserservices.intents.WebappConstants;
@@ -142,7 +143,8 @@ public class ExternalNavigationDelegateImpl implements ExternalNavigationDelegat
     @Override
     public boolean shouldDisableExternalIntentRequestsForUrl(
             ExternalNavigationParams params, Intent intent) {
-        return false;
+        if ("tel".equals(params.getUrl().getScheme())) return false;
+        return !sAllowExternalIntentRequests.getInstance().isEnabled();
     }

     @Override
@@ -335,7 +337,7 @@ public class ExternalNavigationDelegateImpl implements ExternalNavigationDelegat
                 && params.isInitialNavigationInFrame()
                 // TODO(crbug.com/452537438): Figure out a better way to check whether we are in
                 // desktop windowing mode or if the device can enter desktop windowing mode.
-                && (DeviceInfo.isDesktop() || params.isInDesktopWindowingMode());
+                && (params.isInDesktopWindowingMode());
     }

     @Override
diff --git a/chrome/browser/flags/android/java/src/org/chromium/chrome/browser/flags/cromite/sAllowExternalIntentRequests.java b/chrome/browser/flags/android/java/src/org/chromium/chrome/browser/flags/cromite/sAllowExternalIntentRequests.java
new file mode 100644
index 0000000000000..98a7d11ec4dba
--- /dev/null
+++ b/chrome/browser/flags/android/java/src/org/chromium/chrome/browser/flags/cromite/sAllowExternalIntentRequests.java
@@ -0,0 +1,33 @@
+/*
+    This file is part of Cromite.
+
+    Cromite is free software: you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    Cromite is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with Cromite. If not, see <https://www.gnu.org/licenses/>.
+*/
+
+package org.chromium.chrome.browser.flags.cromite;
+
+import org.chromium.components.cached_flags.CachedFlag;
+import org.chromium.chrome.browser.flags.ChromeFeatureMap;
+
+public class sAllowExternalIntentRequests {
+    private static final CachedFlag sInstance =
+        new CachedFlag(ChromeFeatureMap.getInstance(),
+            "AllowExternalIntentRequests", false);
+
+    private sAllowExternalIntentRequests() {}
+
+    public static CachedFlag getInstance() {
+        return sInstance;
+    }
+}
diff --git a/chrome/browser/ui/android/strings/cromite_android_chrome_strings_grd/Add-flag-to-disable-external-intent-requests.grdp b/chrome/browser/ui/android/strings/cromite_android_chrome_strings_grd/Add-flag-to-disable-external-intent-requests.grdp
new file mode 100644
index 0000000000000..02a3d03423d8b
--- /dev/null
+++ b/chrome/browser/ui/android/strings/cromite_android_chrome_strings_grd/Add-flag-to-disable-external-intent-requests.grdp
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="utf-8"?>
+<grit-part>
+    <message name="IDS_ALLOW_EXTERNAL_INTENT_REQUESTS_TITLE" desc="">
+        Allow forward URL requests to external intents
+    </message>
+    <message name="IDS_ALLOW_EXTERNAL_INTENT_REQUESTS_SUMMARY" desc="">
+        If disabled, URL requests will never allow redirection to an external intent, such as open application. Caution: since no verification is possible on the information, allows linkage between browser browsing and activity on the application.
+    </message>
+</grit-part>
diff --git a/components/external_intents/android/external_intents_features.cc b/components/external_intents/android/external_intents_features.cc
index a39bc5527427d..c677e6a1d7c58 100644
--- a/components/external_intents/android/external_intents_features.cc
+++ b/components/external_intents/android/external_intents_features.cc
@@ -29,8 +29,14 @@ const base::Feature* const kFeaturesExposedToJava[] = {

 BASE_FEATURE(kExternalNavigationDebugLogs, base::FEATURE_DISABLED_BY_DEFAULT);

+CROMITE_FEATURE(kIntentBlockExternalFormRedirectsNoGesture,
+                "IntentBlockExternalFormRedirectsNoGesture",
+                base::FEATURE_ENABLED_BY_DEFAULT);
+
 static int64_t JNI_ExternalIntentsFeatures_GetFeature(JNIEnv* env,
                                                       int32_t ordinal) {
+  if (ordinal == -1)
+    return reinterpret_cast<int64_t>(&kIntentBlockExternalFormRedirectsNoGesture);
   return reinterpret_cast<int64_t>(
       UNSAFE_TODO(kFeaturesExposedToJava[ordinal]));
 }
diff --git a/components/external_intents/android/external_intents_features.h b/components/external_intents/android/external_intents_features.h
index 09cca8cde59ba..fc82628b1188d 100644
--- a/components/external_intents/android/external_intents_features.h
+++ b/components/external_intents/android/external_intents_features.h
@@ -9,6 +9,7 @@

 namespace external_intents {

+BASE_DECLARE_FEATURE(kIntentBlockExternalFormRedirectsNoGesture);
 BASE_DECLARE_FEATURE(kExternalNavigationDebugLogs);
 BASE_DECLARE_FEATURE(kBlockFrameRenavigations);

diff --git a/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalIntentsFeatures.java b/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalIntentsFeatures.java
index 73c34121366c0..5f3a79f081e45 100644
--- a/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalIntentsFeatures.java
+++ b/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalIntentsFeatures.java
@@ -19,6 +19,12 @@ import org.chromium.build.annotations.NullMarked;
 @JNINamespace("external_intents")
 @NullMarked
 public class ExternalIntentsFeatures {
+    public static final String INTENT_BLOCK_EXTERNAL_FORM_REDIRECT_NO_GESTURE_NAME =
+            "IntentBlockExternalFormRedirectsNoGesture";
+
+    public static final ExternalIntentsFeature INTENT_BLOCK_EXTERNAL_FORM_REDIRECT_NO_GESTURE =
+            new ExternalIntentsFeature(-1, INTENT_BLOCK_EXTERNAL_FORM_REDIRECT_NO_GESTURE_NAME);
+
     public static final String EXTERNAL_NAVIGATION_DEBUG_LOGS_NAME = "ExternalNavigationDebugLogs";

     public static final ExternalIntentsFeature EXTERNAL_NAVIGATION_DEBUG_LOGS =
diff --git a/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalNavigationHandler.java b/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalNavigationHandler.java
index f8936d20bbcc6..ef290c6ceb66c 100644
--- a/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalNavigationHandler.java
+++ b/components/external_intents/android/java/src/org/chromium/components/external_intents/ExternalNavigationHandler.java
@@ -1793,6 +1793,12 @@ public class ExternalNavigationHandler implements ExternalNavigationHelper {
         return false;
     }

+    /** Wrapper of check against the feature to support overriding for testing. */
+    @VisibleForTesting
+    boolean blockExternalFormRedirectsWithoutGesture() {
+        return ExternalIntentsFeatures.INTENT_BLOCK_EXTERNAL_FORM_REDIRECT_NO_GESTURE.isEnabled();
+    }
+
     private OverrideUrlLoadingResult shouldOverrideUrlLoadingInternal(
             ExternalNavigationParams params,
             Intent targetIntent,
@@ -1880,6 +1886,21 @@ public class ExternalNavigationHandler implements ExternalNavigationHelper {
             return OverrideUrlLoadingResult.forNoOverride();
         }

+        // http://crbug.com/839751: Require user gestures for form submits to external
+        //                          protocols.
+        // TODO(tedchoc): Turn this on by default once we verify this change does
+        //                not break the world.
+        int pageTransitionCore = params.getPageTransition() & PageTransition.CORE_MASK;
+        boolean isFormSubmit = pageTransitionCore == PageTransition.FORM_SUBMIT;
+        boolean isRedirectFromFormSubmit = isFormSubmit && params.isRedirect();
+        if (isRedirectFromFormSubmit && !incomingIntentRedirect && !params.hasUserGesture()
+                && blockExternalFormRedirectsWithoutGesture()) {
+            if (debug()) {
+                Log.i(TAG, "Incoming form intent attempting to redirect without user gesture");
+            }
+            return OverrideUrlLoadingResult.forNoOverride();
+        }
+
         if (hasInternalScheme(params.getUrl(), targetIntent)
                 || hasContentScheme(params.getUrl(), targetIntent)
                 || hasFileSchemeInIntentURI(params.getUrl(), targetIntent)
diff --git a/cromite_flags/chrome/browser/about_flags_cc/Add-flag-to-disable-external-intent-requests.inc b/cromite_flags/chrome/browser/about_flags_cc/Add-flag-to-disable-external-intent-requests.inc
new file mode 100644
index 0000000000000..292d587269804
--- /dev/null
+++ b/cromite_flags/chrome/browser/about_flags_cc/Add-flag-to-disable-external-intent-requests.inc
@@ -0,0 +1,13 @@
+#if BUILDFLAG(IS_ANDROID)
+
+#ifdef FLAG_SECTION
+
+    {"allow-external-intent-requests",
+     "Allow forward URL requests to external intents",
+     "If disabled, URL requests will never"
+     "allow for redirecting to an external intent.", kOsAndroid,
+     SINGLE_DISABLE_VALUE_TYPE("disable-external-intent-requests")},
+
+#endif
+
+#endif
diff --git a/cromite_flags/chrome/browser/about_flags_cc/Revert-Delete-block-external-form-redirects.inc b/cromite_flags/chrome/browser/about_flags_cc/Revert-Delete-block-external-form-redirects.inc
new file mode 100644
index 0000000000000..deca4e0717865
--- /dev/null
+++ b/cromite_flags/chrome/browser/about_flags_cc/Revert-Delete-block-external-form-redirects.inc
@@ -0,0 +1,15 @@
+#if BUILDFLAG(IS_ANDROID)
+
+#ifdef FLAG_SECTION
+
+    {"block-external-form-redirects-no-gesture",
+     "Block intents from form submissions without user gesture",
+     "Require a user gesture that triggered a form submission in order to "
+     "allow for redirecting to an external intent.",
+     kOsAndroid,
+     FEATURE_VALUE_TYPE(
+         external_intents::kIntentBlockExternalFormRedirectsNoGesture)},
+
+#endif
+
+#endif
diff --git a/cromite_flags/chrome/browser/flags/android/chrome_feature_list_cc/Add-flag-to-disable-external-intent-requests.inc b/cromite_flags/chrome/browser/flags/android/chrome_feature_list_cc/Add-flag-to-disable-external-intent-requests.inc
new file mode 100644
index 0000000000000..c4015ad7de119
--- /dev/null
+++ b/cromite_flags/chrome/browser/flags/android/chrome_feature_list_cc/Add-flag-to-disable-external-intent-requests.inc
@@ -0,0 +1,3 @@
+CROMITE_FEATURE(kAllowExternalIntentRequests,
+                "AllowExternalIntentRequests",
+                base::FEATURE_DISABLED_BY_DEFAULT);
--
2.53.0