[tbb-commits] [tor-browser/tor-browser-60.3.0esr-8.5-1] Bug 28125 - Prevent non-Necko network connections
gk at torproject.org
gk at torproject.org
Tue Oct 30 12:03:05 UTC 2018
commit 2c4b103cfef5eafe276713478abf8bd1db057730
Author: Matthew Finkel <Matthew.Finkel at gmail.com>
Date: Thu Oct 25 19:17:09 2018 +0000
Bug 28125 - Prevent non-Necko network connections
---
.../base/java/org/mozilla/gecko/CrashReporter.java | 5 ++
.../base/java/org/mozilla/gecko/SuggestClient.java | 5 ++
.../homepanel/topstories/PocketStoriesLoader.java | 5 ++
.../mozilla/gecko/distribution/Distribution.java | 5 ++
.../java/org/mozilla/gecko/dlc/BaseAction.java | 6 ++
.../java/org/mozilla/gecko/home/ImageLoader.java | 7 ++
.../mozilla/gecko/icons/loader/IconDownloader.java | 11 +++
.../mozilla/gecko/search/SearchEngineManager.java | 5 ++
.../org/mozilla/gecko/switchboard/SwitchBoard.java | 6 ++
.../org/mozilla/gecko/updater/UpdateService.java | 11 +++
.../gecko/media/GeckoMediaDrmBridgeV21.java | 77 +++++++++++---------
.../exoplayer2/upstream/DefaultHttpDataSource.java | 85 ++++++++++++----------
.../service/utils/AbstractCommunicator.java | 5 ++
13 files changed, 157 insertions(+), 76 deletions(-)
diff --git a/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java b/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java
index f1305cfc5398..618278773c38 100644
--- a/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java
+++ b/mobile/android/base/java/org/mozilla/gecko/CrashReporter.java
@@ -472,6 +472,11 @@ public class CrashReporter extends AppCompatActivity
}
private void sendReport(File minidumpFile, Map<String, String> extras, File extrasFile) {
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "sendReport: This is Tor Browser. Skipping.");
+ return;
+ }
+
Log.i(LOGTAG, "sendReport: " + minidumpFile.getPath());
final CheckBox includeURLCheckbox = (CheckBox) findViewById(R.id.include_url);
diff --git a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
index 0ebffeccdf21..137e53cc5c03 100644
--- a/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
+++ b/mobile/android/base/java/org/mozilla/gecko/SuggestClient.java
@@ -72,6 +72,11 @@ public class SuggestClient {
return mPrevResults;
ArrayList<String> suggestions = new ArrayList<String>();
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return suggestions;
+ }
+
if (TextUtils.isEmpty(mSuggestTemplate) || TextUtils.isEmpty(query)) {
return suggestions;
}
diff --git a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
index 7ebead4cfa3f..516c13610047 100644
--- a/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/activitystream/homepanel/topstories/PocketStoriesLoader.java
@@ -124,6 +124,11 @@ public class PocketStoriesLoader extends AsyncTaskLoader<List<TopStory>> {
}
protected String makeAPIRequestWithKey(final String apiKey) {
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
HttpURLConnection connection = null;
final Uri uri = Uri.parse(GLOBAL_ENDPOINT)
diff --git a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
index 7b93eb568acc..ea9534bfd741 100644
--- a/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
+++ b/mobile/android/base/java/org/mozilla/gecko/distribution/Distribution.java
@@ -534,6 +534,11 @@ public class Distribution {
return false;
}
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return false;
+ }
+
URI uri = getReferredDistribution(referrer);
if (uri == null) {
return false;
diff --git a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
index 5b1e0004fef1..56cfde26160c 100644
--- a/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
+++ b/mobile/android/base/java/org/mozilla/gecko/dlc/BaseAction.java
@@ -151,6 +151,12 @@ public abstract class BaseAction {
protected HttpURLConnection buildHttpURLConnection(String url)
throws UnrecoverableDownloadContentException, IOException {
try {
+ if (AppConstants.isTorBrowser()) {
+ String erdcl = "This is Tor Browser. Downloading is disabled for: " + url;
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ throw new UnrecoverableDownloadContentException(erdcl);
+ }
+
System.setProperty("http.keepAlive", "true");
HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(new URI(url));
diff --git a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
index cbbe7babbba4..b6ea0249445c 100644
--- a/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/home/ImageLoader.java
@@ -15,6 +15,7 @@ import com.squareup.picasso.Picasso;
import com.squareup.picasso.Downloader.Response;
import com.squareup.picasso.UrlConnectionDownloader;
+import org.mozilla.gecko.AppConstants;
import org.mozilla.gecko.util.ProxySelector;
import java.io.File;
@@ -91,6 +92,12 @@ public class ImageLoader {
@Override
protected HttpURLConnection openConnection(Uri path) throws IOException {
+ if (AppConstants.isTorBrowser()) {
+ String err = "This is Tor Browser. Downloading is disabled for: " + path.toString();
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ throw new IOException(err);
+ }
+
try {
// This is annoying, but |path| is an android.net.Uri and
// openConnectionWithProxy() accepts a java.net.URI
diff --git a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
index 4a03d440556d..84eb7736e94e 100644
--- a/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
+++ b/mobile/android/base/java/org/mozilla/gecko/icons/loader/IconDownloader.java
@@ -12,6 +12,7 @@ import android.support.annotation.Nullable;
import android.support.annotation.VisibleForTesting;
import android.util.Log;
+import org.mozilla.gecko.AppConstants;
import org.mozilla.gecko.GeckoApplication;
import org.mozilla.gecko.icons.decoders.FaviconDecoder;
import org.mozilla.gecko.icons.decoders.LoadFaviconResult;
@@ -132,6 +133,11 @@ public class IconDownloader implements IconLoader {
return null;
}
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
HttpURLConnection connection = null;
try {
@@ -183,6 +189,11 @@ public class IconDownloader implements IconLoader {
@VisibleForTesting
@NonNull
HttpURLConnection connectTo(String uri) throws URISyntaxException, IOException {
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ throw new IOException();
+ }
+
final HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(
new URI(uri));
diff --git a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
index 1004b7b25ef1..df9b6d67b467 100644
--- a/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
+++ b/mobile/android/base/java/org/mozilla/gecko/search/SearchEngineManager.java
@@ -379,6 +379,11 @@ public class SearchEngineManager implements SharedPreferences.OnSharedPreference
* @return String containing the country code
*/
private String fetchCountryCode() {
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOG_TAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
// First, we look to see if we have a cached code.
final String region = GeckoSharedPrefs.forApp(context).getString(PREF_REGION_KEY, null);
if (region != null) {
diff --git a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
index d78663060f99..e32b50ebadb5 100644
--- a/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
+++ b/mobile/android/base/java/org/mozilla/gecko/switchboard/SwitchBoard.java
@@ -409,6 +409,12 @@ public class SwitchBoard {
HttpURLConnection connection = null;
InputStreamReader inputStreamReader = null;
BufferedReader bufferReader = null;
+
+ if (AppConstants.isTorBrowser()) {
+ Log.i(TAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
try {
connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
connection.setRequestProperty("User-Agent", HardwareUtils.isTablet() ?
diff --git a/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java b/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java
index 0598105fe108..71e1097711d9 100644
--- a/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java
+++ b/mobile/android/base/java/org/mozilla/gecko/updater/UpdateService.java
@@ -379,6 +379,11 @@ public class UpdateService extends IntentService {
try {
URI uri = getUpdateURI(force);
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
if (uri == null) {
Log.e(LOGTAG, "failed to get update URI");
return null;
@@ -527,6 +532,12 @@ public class UpdateService extends IntentService {
private File downloadUpdatePackage(UpdateInfo info, boolean overwriteExisting) {
URL url = null;
+
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
+ return null;
+ }
+
try {
url = info.uri.toURL();
} catch (java.net.MalformedURLException e) {
diff --git a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
index d0973f3dcc17..39d10615d35c 100644
--- a/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
+++ b/mobile/android/geckoview/src/main/java/org/mozilla/gecko/media/GeckoMediaDrmBridgeV21.java
@@ -473,43 +473,48 @@ public class GeckoMediaDrmBridgeV21 implements GeckoMediaDrm {
@Override
protected Void doInBackground(Void... params) {
- try {
- URI finalURI = new URI(mURL + "&signedRequest=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8"));
- HttpURLConnection urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI);
- urlConnection.setRequestMethod("POST");
- if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString());
-
- // Add data
- urlConnection.setRequestProperty("Accept", "*/*");
- urlConnection.setRequestProperty("User-Agent", getCDMUserAgent());
- urlConnection.setRequestProperty("Content-Type", "application/json");
-
- // Execute HTTP Post Request
- urlConnection.connect();
-
- int responseCode = urlConnection.getResponseCode();
- if (responseCode == HttpURLConnection.HTTP_OK) {
- BufferedReader in =
- new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8));
- String inputLine;
- StringBuffer response = new StringBuffer();
-
- while ((inputLine = in.readLine()) != null) {
- response.append(inputLine);
- }
- in.close();
- mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8);
- if (DEBUG) Log.d(LOGTAG, "Provisioning, response received.");
- if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length);
- } else {
- Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode);
- }
- } catch (IOException e) {
- Log.e(LOGTAG, "Got exception during posting provisioning request ...", e);
- } catch (URISyntaxException e) {
- Log.e(LOGTAG, "Got exception during creating uri ...", e);
- }
+ // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/
+ Log.i(LOGTAG, "This is Tor Browser. Skipping.");
return null;
+
+ /* Dead code */
+ //try {
+ // URI finalURI = new URI(mURL + "&signedRequest=" + URLEncoder.encode(new String(mDrmRequest), "UTF-8"));
+ // HttpURLConnection urlConnection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(finalURI);
+ // urlConnection.setRequestMethod("POST");
+ // if (DEBUG) Log.d(LOGTAG, "Provisioning, posting url =" + finalURI.toString());
+
+ // // Add data
+ // urlConnection.setRequestProperty("Accept", "*/*");
+ // urlConnection.setRequestProperty("User-Agent", getCDMUserAgent());
+ // urlConnection.setRequestProperty("Content-Type", "application/json");
+
+ // // Execute HTTP Post Request
+ // urlConnection.connect();
+
+ // int responseCode = urlConnection.getResponseCode();
+ // if (responseCode == HttpURLConnection.HTTP_OK) {
+ // BufferedReader in =
+ // new BufferedReader(new InputStreamReader(urlConnection.getInputStream(), StringUtils.UTF_8));
+ // String inputLine;
+ // StringBuffer response = new StringBuffer();
+
+ // while ((inputLine = in.readLine()) != null) {
+ // response.append(inputLine);
+ // }
+ // in.close();
+ // mResponseBody = String.valueOf(response).getBytes(StringUtils.UTF_8);
+ // if (DEBUG) Log.d(LOGTAG, "Provisioning, response received.");
+ // if (mResponseBody != null) Log.d(LOGTAG, "response length=" + mResponseBody.length);
+ // } else {
+ // Log.d(LOGTAG, "Provisioning, server returned HTTP error code :" + responseCode);
+ // }
+ //} catch (IOException e) {
+ // Log.e(LOGTAG, "Got exception during posting provisioning request ...", e);
+ //} catch (URISyntaxException e) {
+ // Log.e(LOGTAG, "Got exception during creating uri ...", e);
+ //}
+ //return null;
}
@Override
diff --git a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
index 75e1f675c5eb..22e9e1ffcb9b 100644
--- a/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
+++ b/mobile/android/geckoview/src/thirdparty/java/com/google/android/exoplayer2/upstream/DefaultHttpDataSource.java
@@ -395,51 +395,56 @@ public class DefaultHttpDataSource implements HttpDataSource {
*/
private HttpURLConnection makeConnection(URL url, byte[] postBody, long position,
long length, boolean allowGzip, boolean followRedirects) throws IOException, URISyntaxException {
+ // AppConstants.isTorBrowser() is in base/, so it's not available in geckoview/
+ Log.i(TAG, "This is Tor Browser. Skipping.");
+ throw new IOException();
+
/**
* Tor Project modified the way the connection object was created. For the sake of
* simplicity, instead of duplicating the whole file we changed the connection object
* to use the ProxySelector.
*/
- HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
-
- connection.setConnectTimeout(connectTimeoutMillis);
- connection.setReadTimeout(readTimeoutMillis);
- if (defaultRequestProperties != null) {
- for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) {
- connection.setRequestProperty(property.getKey(), property.getValue());
- }
- }
- for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) {
- connection.setRequestProperty(property.getKey(), property.getValue());
- }
- if (!(position == 0 && length == C.LENGTH_UNSET)) {
- String rangeRequest = "bytes=" + position + "-";
- if (length != C.LENGTH_UNSET) {
- rangeRequest += (position + length - 1);
- }
- connection.setRequestProperty("Range", rangeRequest);
- }
- connection.setRequestProperty("User-Agent", userAgent);
- if (!allowGzip) {
- connection.setRequestProperty("Accept-Encoding", "identity");
- }
- connection.setInstanceFollowRedirects(followRedirects);
- connection.setDoOutput(postBody != null);
- if (postBody != null) {
- connection.setRequestMethod("POST");
- if (postBody.length == 0) {
- connection.connect();
- } else {
- connection.setFixedLengthStreamingMode(postBody.length);
- connection.connect();
- OutputStream os = connection.getOutputStream();
- os.write(postBody);
- os.close();
- }
- } else {
- connection.connect();
- }
- return connection;
+ /* Dead code */
+ //HttpURLConnection connection = (HttpURLConnection) ProxySelector.openConnectionWithProxy(url.toURI());
+
+ //connection.setConnectTimeout(connectTimeoutMillis);
+ //connection.setReadTimeout(readTimeoutMillis);
+ //if (defaultRequestProperties != null) {
+ // for (Map.Entry<String, String> property : defaultRequestProperties.getSnapshot().entrySet()) {
+ // connection.setRequestProperty(property.getKey(), property.getValue());
+ // }
+ //}
+ //for (Map.Entry<String, String> property : requestProperties.getSnapshot().entrySet()) {
+ // connection.setRequestProperty(property.getKey(), property.getValue());
+ //}
+ //if (!(position == 0 && length == C.LENGTH_UNSET)) {
+ // String rangeRequest = "bytes=" + position + "-";
+ // if (length != C.LENGTH_UNSET) {
+ // rangeRequest += (position + length - 1);
+ // }
+ // connection.setRequestProperty("Range", rangeRequest);
+ //}
+ //connection.setRequestProperty("User-Agent", userAgent);
+ //if (!allowGzip) {
+ // connection.setRequestProperty("Accept-Encoding", "identity");
+ //}
+ //connection.setInstanceFollowRedirects(followRedirects);
+ //connection.setDoOutput(postBody != null);
+ //if (postBody != null) {
+ // connection.setRequestMethod("POST");
+ // if (postBody.length == 0) {
+ // connection.connect();
+ // } else {
+ // connection.setFixedLengthStreamingMode(postBody.length);
+ // connection.connect();
+ // OutputStream os = connection.getOutputStream();
+ // os.write(postBody);
+ // os.close();
+ // }
+ //} else {
+ // connection.connect();
+ //}
+ //return connection;
}
/**
diff --git a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
index 9b3ee98f89db..fc3248d72219 100644
--- a/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
+++ b/mobile/android/stumbler/java/org/mozilla/mozstumbler/service/utils/AbstractCommunicator.java
@@ -68,6 +68,11 @@ public abstract class AbstractCommunicator {
}
private void openConnectionAndSetHeaders() {
+ if (AppConstants.isTorBrowser()) {
+ Log.i(LOG_TAG, "This is Tor Browser. Skipping.");
+ throw new Exception();
+ }
+
try {
Prefs prefs = Prefs.getInstanceWithoutContext();
if (sMozApiKey == null || prefs != null) {
More information about the tbb-commits
mailing list