Do this both on input from apps (giving error) and between wifi and
ConnectivityService (ignoring bad data). This means removing all
addresses beyond the first and all routes but the first default and
the implied direct-connect routes.
We do this because the user can't monitor the others (no UI), their
support wasn't intended, they allow redirection of all traffic
without user knowledge and they allow circumvention of legacy VPNs.
This should not move forward from JB as it breaks IPv6 and K has
a more resilient VPN.
Bug:12663469
Change-Id: I98c0672a6d9c8d5bc4f160849aa0fa182073216b
Various authenticator results such as getAuthToken and addAccount might
result in an Intent returned to the AccountManager caller. A malicious
authenticator could exploit the fact that the Settings are a system app,
lead the user to launch add account for their account type and thus get
Settings to use the intent to start some arbitrary third parties Activity.
The fix is to make sure that the UID of the app associated with Activity
to be launched by the supplied intent and the Authenticators UID share
the same signature. This means that an authenticator implementer can only
exploit apps they control.
This is a backport of 5bab9daf3cf66f4de19f8757e386030e8bef23ce
Bug: 7699048
Change-Id: Ifed345c2fc20020d55fa2cab1f2f7ea509ea09b2
Backport...
Fix for PreferenceActivities being invoked with non-Fragment class
names via extras in the intent. Make sure that the constructor
doesn't get called if the class name is not for a Fragment type.
Bug: 9901133
Change-Id: I227756fb4246deac796cee09077e482237bb5b0d
Instead of local instance of the default HostnameVerifier, use it
directly from HttpsURLConnection. This avoids class preloading creating
an instance of it before it's necessary.
(cherry picked from commit 928ee1e48fa89302d02fdf8a8a2c7315d7195e7c)
Bug: 9984058
Change-Id: I56565afa0394dc98054abbaef06ac9bfff009e56
At least one of these was getting spoofed in the wild.
We don't want to go too far this late in the game, but this is a good start.
bug:7622253
(cherry picked from commit 47918ae3b4e7ebb54711884e9ff9d0300591ab8b)
Conflicts:
core/res/AndroidManifest.xml
Change-Id: I118b31489fe7add5b8d69289cab9f4e8ab269495
Bug: 7073422
Create the plumbing to use an annotation to allow access to
inherited methods of jsinterface objects. The default webview
behavior has not changed yet. However internally an a flag is
introduced to restrict javascript access to methods that have an annotation.
Clean cherry pick of 94740e6c333a109be7516abbd17dd418f23b4f0c
Provided @JavascriptInterface to methods that are accessible from
js.
Clean cherry pick of b743a23fc5bce9965c1539c3c8611614424a5aff
Add a glue logic to require use of annotations in injected accessibility
objects.
Change-Id: I4135bd6787b2084177215302cd2c72afed090dc0
Bug: 7073422
The feature that is using search box implementation was removed from
browser after Honeycomb. This is to remove the js interface that
is added for this feature.
Clean cherry pick of d773ca8ff2a7a5be94d7f2aaa8ff5ef5dac501a8
Change-Id: I033d29718d08803f375759faf83e2058df6d4906
(1) Prevent full restore from creating files/directories that are
accessible by other applications
(2) Don't restore filesets from "system" packages; i.e. any that runs
as a special uid, unless they define their own agent for handling
the restore process.
Bug 7168284
This is a cherry-pick from the originating tree.
Change-Id: I9f39ada3c4c3b7ee63330b015e62745e84ccb58f
Remove workaround for obsolete touchscreen hardware. Provide a better
focal point for scroll events.
Change-Id: I173cd6696dace379437b56597c4a6ac5c7fbf60d
This solves the problems around active pointer tracking when the
caller may skip events in the MotionEvent stream and replaces the
old implementation with a much simpler algorithm.
Change-Id: I97c0bfad03a6190e403e843d382e05ff2257b66f
Since applications can have Account providers, they need to be delayed
until after PackageManagerService says everything is mounted.
Otherwise the accounts associated with that provider will be removed
immediately when startup happens.
Bug: 6820670
Change-Id: Iba81765260421649f706624d0605a40ebc1347b1
The Settings.Secure value locationPackagePrefixBlacklist and
locationPackagePrefixWhitelist contains comma seperated package-name
prefixes.
Location & geo-fence updates are silently dropped if the receiving
package name has a prefix on the blacklist. Status updates are
not affected. All other API's work as before.
A content observer is used so run-time updates to the blacklist
apply immediately. There is both a blacklist and a whitelist.
The blacklist applies first, and then exemptions are allowed
from the whitelist. In other words, if your package name prefix
matches both the black AND white list, then it is allowed.
Change-Id: I4ea2ad56fa6bd75d32151bc250ac25c26a5777c4
