Remove Intent selector from 2-pane deep link Intent

To guard against the arbitrary Intent injection through Selector. Bug: 246300272 Test: make RunSettingsRoboTests ROBOTEST_FILTER=SettingsActivityTest Change-Id: I8b3b936de490f09f4be960fdafc6e66a1d858ee2
2022-11-01 18:31:04 +08:00
parent bcd7e55ffa
commit 3b1587d6b2
2 changed files with 31 additions and 0 deletions
--- a/tests/robotests/src/com/android/settings/SettingsActivityTest.java
+++ b/tests/robotests/src/com/android/settings/SettingsActivityTest.java
@@ -16,6 +16,8 @@

 package com.android.settings;

+import static android.provider.Settings.EXTRA_SETTINGS_EMBEDDED_DEEP_LINK_INTENT_URI;
+
 import static com.android.settings.SettingsActivity.EXTRA_SHOW_FRAGMENT;

 import static com.google.common.truth.Truth.assertThat;
@@ -30,6 +32,7 @@ import static org.mockito.Mockito.when;
 import android.app.ActivityManager;
 import android.content.Context;
 import android.content.Intent;
+import android.net.Uri;

 import androidx.fragment.app.Fragment;
 import androidx.fragment.app.FragmentManager;
@@ -49,6 +52,7 @@ import org.robolectric.RobolectricTestRunner;
 import org.robolectric.RuntimeEnvironment;
 import org.robolectric.annotation.Config;

+import java.net.URISyntaxException;
 import java.util.ArrayList;
 import java.util.List;

@@ -114,6 +118,29 @@ public class SettingsActivityTest {
        assertThat(((ListenerFragment) fragments.get(1)).mOnActivityResultCalled).isTrue();
    }

+    @Test
+    public void getTrampolineIntent_intentSelector_shouldNotChangeIntentAction() {
+        Intent targetIntent = new Intent().setClassName("android",
+                "com.android.internal.app.PlatLogoActivity");
+        Intent intent = new Intent(android.provider.Settings.ACTION_DISPLAY_SETTINGS);
+        intent.setComponent(intent.resolveActivity(mContext.getPackageManager()));
+        intent.setSelector(new Intent().setData(
+                Uri.fromParts(targetIntent.toUri(Intent.URI_INTENT_SCHEME), /* ssp= */ "",
+                /* fragment= */ null)));
+
+        Intent resultIntent = SettingsActivity.getTrampolineIntent(intent, "menu_key");
+
+        String intentUriString =
+                resultIntent.getStringExtra(EXTRA_SETTINGS_EMBEDDED_DEEP_LINK_INTENT_URI);
+        Intent parsedIntent = null;
+        try {
+            parsedIntent = Intent.parseUri(intentUriString, Intent.URI_INTENT_SCHEME);
+        } catch (URISyntaxException e) {
+            // Do nothng.
+        }
+        assertThat(parsedIntent.getAction()).isEqualTo(intent.getAction());
+    }
+
    public static class ListenerFragment extends Fragment implements OnActivityResultListener {

        private boolean mOnActivityResultCalled;