Revised WebView restrictions

Closes #2123
M66B · Feb 6, 2015 · 06c966c · 06c966c
1 parent f673a16
commit 06c966c
Show file tree

Hide file tree

Showing 6 changed files with 36 additions and 24 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -20,7 +20,11 @@ Changelog
 
 **Next release**
 
-* Block *ACTION_NEW_OUTGOING_CALL* and *ACTION_PHONE_STATE_CHANGED* instead of changing phone number ([issue](/../../issues/2132))
+* Block *ACTION_NEW_OUTGOING_CALL* and *ACTION_PHONE_STATE_CHANGED* instead of faking phone number ([issue](/../../issues/2132))
+* Renamed restriction *View.WebView* into *View.initUserAgentString*
+* Added restriction *View.postUrl*
+* Changed restriction *View.loadUrl* to restrict loading URLs instead of restriction the user agent string ([issue](/../../issues/2123))
+	* Existing *loadUrl* restrictions will be reset and set to ask
 
 [Open issues](https://github.com/M66B/XPrivacy/issues?state=open)
 

diff --git a/res/values/functions.xml b/res/values/functions.xml
@@ -428,8 +428,9 @@
     <string name="system_Srv_queryUsageStats" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/app/usage/UsageStatsManager.html#queryUsageStats(int, long, long)">Documentation</a>]]></string>
 
     <!-- view -->
-    <string name="view_loadUrl" translatable="false"><![CDATA[Will restrict access to the user agent]]></string>
-    <string name="view_WebView" translatable="false"><![CDATA[Will restrict access to the user agent]]></string>
+    <string name="view_loadUrl" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/webkit/WebView.html#loadUrl(java.lang.String)">Google documentation</a>]]></string>
+    <string name="view_postUrl" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/webkit/WebView.html#postUrl(java.lang.String,%20byte[])">Google documentation</a>]]></string>
+    <string name="view_initUserAgentString" translatable="false"><![CDATA[Will restrict access to the user agent string]]></string>
     <string name="view_getDefaultUserAgent" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/webkit/WebSettings.html#getDefaultUserAgent(android.content.Context)">Google documentation</a>]]></string>
     <string name="view_getUserAgent" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/webkit/WebSettings.html#getUserAgentString()">Google documentation</a>]]></string>
     <string name="view_getUserAgentString" translatable="false"><![CDATA[<a href="https://developer.android.com/reference/android/webkit/WebSettings.html#getUserAgentString()">Google documentation</a>]]></string>

diff --git a/src/biz/bokhorst/xprivacy/Meta.java b/src/biz/bokhorst/xprivacy/Meta.java
@@ -506,8 +506,9 @@ public static List<Hook> get() {
 		mListHook.add(new Hook("system", "Srv_queryEvents", null, 21, "3.5.6", null).AOSP(21));
 		mListHook.add(new Hook("system", "Srv_queryUsageStats", null, 21, "3.5.6", null).AOSP(21));
 
-		mListHook.add(new Hook("view", "loadUrl", "", 1, null, null).unsafe().whitelist(cTypeUrl));
-		mListHook.add(new Hook("view", "WebView", "", 1, null, null).unsafe());
+		mListHook.add(new Hook("view", "loadUrl", "", 1, "3.6.2", "false").unsafe().whitelist(cTypeUrl));
+		mListHook.add(new Hook("view", "postUrl", "", 1, "3.6.2", null).unsafe().whitelist(cTypeUrl));
+		mListHook.add(new Hook("view", "initUserAgentString", "", 3, "3.6.2", null).unsafe());
 		mListHook.add(new Hook("view", "getDefaultUserAgent", "", 17, null, null).unsafe());
 		mListHook.add(new Hook("view", "getUserAgent", "", 3, null, null).unsafe());
 		mListHook.add(new Hook("view", "getUserAgentString", "", 3, null, null).unsafe());
@@ -624,6 +625,7 @@ public static List<Hook> get() {
 		mListHook.add(new Hook(null, "isXposedEnabled", "", 15, null, null));
 
 		// WebView
+		mListHook.add(new Hook(null, "WebView", "", 1, null, null));
 		mListHook.add(new Hook(null, "getSettings", "", 1, null, null));
 
 		// WindowManagerImpl

diff --git a/src/biz/bokhorst/xprivacy/UpdateService.java b/src/biz/bokhorst/xprivacy/UpdateService.java
@@ -335,13 +335,19 @@ private static List<PRestriction> getUpgradeWork(Version sVersion, int uid, bool
 
 						// Restrict replaced methods
 						if (hook.getReplacedMethod() != null) {
-							PRestriction restriction = PrivacyManager.getRestrictionEx(uid,
-									hook.getReplacedRestriction(), hook.getReplacedMethod());
-							listWork.add(new PRestriction(uid, hook.getRestrictionName(), hook.getName(),
-									restriction.restricted, restriction.asked));
-							Util.log(null, Log.WARN,
-									"Replacing " + hook.getReplacedRestriction() + "/" + hook.getReplacedMethod()
-											+ " by " + hook + " from=" + hook.getFrom() + " uid=" + uid);
+							if ("false".equals(hook.getReplacedMethod())) {
+								listWork.add(new PRestriction(uid, hook.getRestrictionName(), hook.getName(), false,
+										false));
+								Util.log(null, Log.WARN, "Resetting restriction " + hook + " uid=" + uid);
+							} else {
+								PRestriction restriction = PrivacyManager.getRestrictionEx(uid,
+										hook.getReplacedRestriction(), hook.getReplacedMethod());
+								listWork.add(new PRestriction(uid, hook.getRestrictionName(), hook.getName(),
+										restriction.restricted, restriction.asked));
+								Util.log(null, Log.WARN,
+										"Replacing " + hook.getReplacedRestriction() + "/" + hook.getReplacedMethod()
+												+ " by " + hook + " from=" + hook.getFrom() + " uid=" + uid);
+							}
 						}
 					}
 				}

diff --git a/src/biz/bokhorst/xprivacy/XWebSettings.java b/src/biz/bokhorst/xprivacy/XWebSettings.java
@@ -25,8 +25,8 @@ public String getClassName() {
 	// public synchronized String getUserAgentString()
 	// public synchronized void setUserAgent(int ua)
 	// public synchronized void setUserAgentString (String ua)
-	// frameworks/base/core/java/android/webkit/WebSettings.java
 	// http://developer.android.com/reference/android/webkit/WebSettings.html
+	// http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/5.0.2_r1/android/webkit/WebSettings.java
 
 	private enum Methods {
 		getDefaultUserAgent, getUserAgent, getUserAgentString, setUserAgent, setUserAgentString

diff --git a/src/biz/bokhorst/xprivacy/XWebView.java b/src/biz/bokhorst/xprivacy/XWebView.java
@@ -30,19 +30,21 @@ public String getClassName() {
 	// public WebSettings getSettings()
 	// public void loadUrl(String url)
 	// public void loadUrl(String url, Map<String, String> additionalHttpHeaders)
-	// frameworks/base/core/java/android/webkit/WebView.java
+	// public postUrl(String url, byte[] postData)
 	// http://developer.android.com/reference/android/webkit/WebView.html
+	// http://grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/5.0.2_r1/android/webkit/WebView.java/
 
 	// @formatter:on
 
 	private enum Methods {
-		WebView, loadUrl, getSettings
+		WebView, loadUrl, postUrl, getSettings
 	};
 
 	public static List<XHook> getInstances() {
 		List<XHook> listHook = new ArrayList<XHook>();
-		listHook.add(new XWebView(Methods.WebView, PrivacyManager.cView));
+		listHook.add(new XWebView(Methods.WebView, null));
 		listHook.add(new XWebView(Methods.loadUrl, PrivacyManager.cView));
+		listHook.add(new XWebView(Methods.postUrl, PrivacyManager.cView));
 		listHook.add(new XWebView(Methods.getSettings, null));
 		return listHook;
 	}
@@ -56,14 +58,11 @@ protected void before(XParam param) throws Throwable {
 			break;
 
 		case loadUrl:
+		case postUrl:
 			if (param.args.length > 0 && param.thisObject instanceof WebView) {
 				String extra = (param.args[0] instanceof String ? (String) param.args[0] : null);
-				if (isRestrictedExtra(param, extra)) {
-					String ua = (String) PrivacyManager.getDefacedProp(Binder.getCallingUid(), "UA");
-					WebView webView = (WebView) param.thisObject;
-					if (webView.getSettings() != null)
-						webView.getSettings().setUserAgentString(ua);
-				}
+				if (isRestrictedExtra(param, extra))
+					param.setResult(null);
 			}
 			break;
 		}
@@ -74,8 +73,7 @@ protected void after(XParam param) throws Throwable {
 		switch (mMethod) {
 		case WebView:
 			if (param.args.length > 0 && param.thisObject instanceof WebView) {
-				int uid = Binder.getCallingUid();
-				if (getRestricted(uid)) {
+				if (isRestricted(param, PrivacyManager.cView, "initUserAgentString")) {
 					String ua = (String) PrivacyManager.getDefacedProp(Binder.getCallingUid(), "UA");
 					WebView webView = (WebView) param.thisObject;
 					if (webView.getSettings() != null)
@@ -85,6 +83,7 @@ protected void after(XParam param) throws Throwable {
 			break;
 
 		case loadUrl:
+		case postUrl:
 			// Do nothing
 			break;