PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
61,610 Commits 1 Branch 0 Tags
ffe95b65ac77906af87f53dcd35c3d506eb9f57c
Commit Graph

61610 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hugh Chen
43d093ebe8 RESTRICT AUTOMERGE Fix bluetooth settings will broadcast to anywhere when some cases 
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.

This CL will not allow to set package name and class name to avoid
the attacker.

Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.

Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
(cherry picked from commit 8adedc6249)
 2021-04-26 03:43:57 +00:00
Hugh Chen
208e32af9f RESTRICT AUTOMERGE Fix bluetooth settings will broadcast to anywhere when some cases 
BluetoothPermissionActivity and DevicePickerFragment will send
broadcast to return the result to calling apps. As this broadcast
intent is from Settings with uid 1000, it will be sent to any
protected BroadcastReceivers in the device. It can make an attacker
send broadcast to protected BroadcastReceivers like factory reset intent
(android/com.android.server.MasterClearReceiver) via
BluetoothPermissionActivity or DevicePickerFragment.

This CL will not allow to set package name and class name to avoid
the attacker.

Bug: 179386960
Bug: 179386068
Test: make -j42 RunSettingsRoboTests and use test apk to manually test
to verify factory reset not started and no system UI notification.

Change-Id: Id27a78091ab578077853b8fbb97a4422cff0a158
(cherry picked from commit 8adedc6249)
 2021-04-26 03:42:48 +00:00
TreeHugger Robot
f7682416b6 Merge "Import translations. DO NOT MERGE ANYWHERE" into mainline-prod 2021-04-23 16:53:04 +00:00
Bill Yi
700eca8b5f Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I51f96d5f1e2778626013b66df73ff8efe2acfb84
 2021-04-23 11:24:40 +00:00
Bill Yi
45cdde1f2d Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I09f34dc32792b83f2fa937488ca042e0c0dbc1b1
 2021-04-23 11:21:18 +00:00
TreeHugger Robot
bdd118dd32 Merge "Import translations. DO NOT MERGE ANYWHERE" into mainline-prod 2021-04-21 08:35:24 +00:00
Bill Yi
ca4797df06 Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: Ia3bcf08024545d44f87ac3208f6c2d5ff7a1d8fc
 2021-04-21 07:06:47 +00:00
Bill Yi
c7be92bf6a Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: Id494d2571fc237ef47af58f96be1ef9e9025dc5e
 2021-04-21 07:03:23 +00:00
TreeHugger Robot
1da5e095f0 Merge "Import translations. DO NOT MERGE ANYWHERE" into mainline-prod 2021-04-19 22:17:45 +00:00
Bill Yi
cfa683bcea Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I92f69b8b0d4437bcc4c7092b0f432c6dd2041d30
 2021-04-19 20:53:07 +00:00
Bill Yi
926d7148f5 Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: Ifb9078b852b716a55695c56d410c135760c90e8e
 2021-04-19 20:49:31 +00:00
TreeHugger Robot
8897a11364 Merge "Import translations. DO NOT MERGE ANYWHERE" into mainline-prod 2021-04-18 07:04:08 +00:00
Bill Yi
80d8ebe526 Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: Ia65a97a90af59964e451be02327a618179b38af0
 2021-04-17 21:48:45 -07:00
Bill Yi
c784589af7 Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I4a5f8ef8d69bf4bcb11c690de734387a3244b438
 2021-04-17 21:45:23 -07:00
Tsung-Mao Fang
80c3f6d4d8 Prevent HTML Injection on the Device Admin request screen 
The root issue is that CharSequence is an interface.
String implements that interface, however, Spanned class
too which is a rich text format that can store HTML code.

The solution is enforce to use String type which won't include
any HTML function.

Test: Rebuilt apk and see the string without HTML style.
Bug: 179042963
Change-Id: I53b460b12da918e022d2f2934f114d205dbaadb0
Merged-In: I53b460b12da918e022d2f2934f114d205dbaadb0
 2021-04-14 12:19:21 +00:00
Tsung-Mao Fang
52f9039d5c Prevent HTML Injection on the Device Admin request screen 
The root issue is that CharSequence is an interface.
String implements that interface, however, Spanned class
too which is a rich text format that can store HTML code.

The solution is enforce to use String type which won't include
any HTML function.

Test: Rebuilt apk and see the string without HTML style.
Bug: 179042963
Change-Id: I53b460b12da918e022d2f2934f114d205dbaadb0
Merged-In: I53b460b12da918e022d2f2934f114d205dbaadb0
(cherry picked from commit 0bf3c98b2f)
 2021-04-14 12:16:57 +00:00
TreeHugger Robot
fa9fd4f924 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: d2ee0db550 -s ours am: c3edd0b379 -s ours am: 00e30fba67 -s ours am: be6b904ec5 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 8a9fafb37d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14108645

Change-Id: Ia88db4d0b98ebbcd5c1114cf21673bbbd73a217b
 2021-04-09 18:57:07 +00:00
TreeHugger Robot
be6b904ec5 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: d2ee0db550 -s ours am: c3edd0b379 -s ours am: 00e30fba67 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 8a9fafb37d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14108645

Change-Id: I8dae5afba2b9b3ad00a1c7d8ec0d254abd706901
 2021-04-09 18:10:21 +00:00
TreeHugger Robot
00e30fba67 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: d2ee0db550 -s ours am: c3edd0b379 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 8a9fafb37d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14108645

Change-Id: I0f596d744078240f574e6f998cbb7dd9e8d09dfd
 2021-04-09 17:27:01 +00:00
TreeHugger Robot
c3edd0b379 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: d2ee0db550 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 8a9fafb37d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14108645

Change-Id: Ie4514dfe4f245139b9733d903f8f36ed29af998c
 2021-04-09 16:50:18 +00:00
TreeHugger Robot
d2ee0db550 Merge "Hide non-system overlay window on ActivityPicker" into pi-dev 2021-04-09 15:58:30 +00:00
TreeHugger Robot
fe40f85cca Merge "Import translations. DO NOT MERGE ANYWHERE" into mainline-prod 2021-04-09 15:46:04 +00:00
Bill Yi
5a160fbc8d Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I377d6f3d7f4af04a0cb9797fe95bff881b17e8b3
 2021-04-09 06:59:47 -07:00
Bill Yi
a626332f65 Import translations. DO NOT MERGE ANYWHERE 
Auto-generated-cl: translation import
Change-Id: I422132510dd25b392386f53bc9e1a77c5b483bf1
 2021-04-09 06:11:06 -07:00
Arc Wang
636e70fbf2 Hide non-system overlay window on ActivityPicker 
To improve security.

Bug: 181962311
Test: manual
      Show an AlertDialog and observe if it will hide after below command.
      adb shell am start -a android.intent.action.PICK_ACTIVITY -n com.android.settings/.ActivityPicker
Change-Id: I43bb0f47a96719c61c5beb4ddf486b14cbdd6ee8
Merged-In: I6e2845cc19dc012cba2933318a067bbb8db90a23
 2021-04-07 10:06:45 +08:00
TreeHugger Robot
4602a52b36 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev am: f43af46d1d -s ours am: a5715ed5c9 -s ours am: 04c2f0b19a -s ours am: 47c4492d09 -s ours am: 8ad7f62a65 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 855b1f428d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835812

Change-Id: I87e3d728a2c10c857062b706541a26c939b09902
 2021-04-06 16:06:59 +00:00
TreeHugger Robot
8ad7f62a65 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev am: f43af46d1d -s ours am: a5715ed5c9 -s ours am: 04c2f0b19a -s ours am: 47c4492d09 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 855b1f428d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835812

Change-Id: Ic3d1e0553dee77abe9930df9f70423f41048af21
 2021-04-06 15:20:44 +00:00
Arc Wang
bd35c42fd6 Merge "Revert "Hide non-system overlay window on ActivityPicker"" into pi-dev am: bcc7f89f85 am: 89d14a36dc am: 30ab86df65 am: 767f72b09b 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14103366

Change-Id: Ic69d0cc8020b52a65c9d60a03e98e6c8ad753e60
 2021-04-06 15:06:21 +00:00
TreeHugger Robot
47c4492d09 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev am: f43af46d1d -s ours am: a5715ed5c9 -s ours am: 04c2f0b19a -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 855b1f428d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835812

Change-Id: I03ab6cfd3dcf31340f4beacc1782881db3fa7bde
 2021-04-06 14:40:35 +00:00
Arc Wang
767f72b09b Merge "Revert "Hide non-system overlay window on ActivityPicker"" into pi-dev am: bcc7f89f85 am: 89d14a36dc am: 30ab86df65 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14103366

Change-Id: I5a1cc56ebca9f1f9dc289a4622b4db22a62a6f73
 2021-04-06 14:19:47 +00:00
TreeHugger Robot
04c2f0b19a [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev am: f43af46d1d -s ours am: a5715ed5c9 -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 855b1f428d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835812

Change-Id: Ic9924a9f19a55616cc0c754a4d7dbda9e02143bb
 2021-04-06 14:02:52 +00:00
Arc Wang
30ab86df65 Merge "Revert "Hide non-system overlay window on ActivityPicker"" into pi-dev am: bcc7f89f85 am: 89d14a36dc 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14103366

Change-Id: I02b3f057bfb03aa1e2d57ba0ce22854df6690bd9
 2021-04-06 13:37:25 +00:00
TreeHugger Robot
a5715ed5c9 [automerger skipped] Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev am: f43af46d1d -s ours 
am skip reason: skip tag Change-Id I6e2845cc19dc012cba2933318a067bbb8db90a23 with SHA-1 855b1f428d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835812

Change-Id: Ife137461365b88bc33cc7e22d72ef4c6b2926357
 2021-04-06 13:18:07 +00:00
Arc Wang
89d14a36dc Merge "Revert "Hide non-system overlay window on ActivityPicker"" into pi-dev am: bcc7f89f85 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/14103366

Change-Id: Iec105d8ee74d6d2c869072866c4caffbd40d9a19
 2021-04-06 13:01:40 +00:00
Arc Wang
4c1e380701 Merge "Hide non-system overlay window on ActivityPicker" into qt-dev am: 9513326e44 am: e1660daab4 am: 83d11bebe2 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835815

Change-Id: I21ed6d8435f63c4184f606bdffbd9e7739a04445
 2021-04-06 13:01:25 +00:00
TreeHugger Robot
f43af46d1d Merge "Hide non-system overlay window on ActivityPicker" into oc-mr1-dev 2021-04-06 12:51:12 +00:00
Arc Wang
bcc7f89f85 Merge "Revert "Hide non-system overlay window on ActivityPicker"" into pi-dev 2021-04-06 12:37:52 +00:00
Arc Wang
83d11bebe2 Merge "Hide non-system overlay window on ActivityPicker" into qt-dev am: 9513326e44 am: e1660daab4 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835815

Change-Id: Ic9a7c0fb856096e02a20f40fa723a00b62d92819
 2021-04-06 12:35:26 +00:00
Arc Wang
eb2ac6e455 Revert "Hide non-system overlay window on ActivityPicker" 
This reverts commit 855b1f428d.

Reason for revert: <b/184623294>

Change-Id: Ie1eb6f86feda56d6444971fa5dfd2c11357fab01
 2021-04-06 12:29:38 +00:00
Arc Wang
e1660daab4 Merge "Hide non-system overlay window on ActivityPicker" into qt-dev am: 9513326e44 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835815

Change-Id: I19629b5e098a176da1fe21e020deb8a78c6069ad
 2021-04-06 11:43:37 +00:00
Arc Wang
9513326e44 Merge "Hide non-system overlay window on ActivityPicker" into qt-dev 2021-04-06 11:03:29 +00:00
Arc Wang
8a9fafb37d Hide non-system overlay window on ActivityPicker 
To improve security.

Bug: 181962311
Test: manual
      Show an AlertDialog and observe if it will hide after below command.
      adb shell am start -a android.intent.action.PICK_ACTIVITY -n com.android.settings/.ActivityPicker
Change-Id: I6e2845cc19dc012cba2933318a067bbb8db90a23
Merged-In: I6e2845cc19dc012cba2933318a067bbb8db90a23
(cherry picked from commit 3b4853e109)
 2021-04-06 11:02:10 +00:00
TreeHugger Robot
e5fe80f5a8 Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: 7a09c0613f am: d0957376c0 am: e4749c3458 am: 1dcc4ee8a1 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835814

Change-Id: I347494e3adb066c885d130b72f398d62c68e2ed6
 2021-04-06 10:24:10 +00:00
TreeHugger Robot
1dcc4ee8a1 Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: 7a09c0613f am: d0957376c0 am: e4749c3458 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835814

Change-Id: Id2b2b68996481b1a177a284ef99dbd44bff0946b
 2021-04-06 09:59:08 +00:00
TreeHugger Robot
e4749c3458 Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: 7a09c0613f am: d0957376c0 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835814

Change-Id: I3a5f7ae870c60965676dc776120dc220c336b471
 2021-04-06 09:37:39 +00:00
TreeHugger Robot
d0957376c0 Merge "Hide non-system overlay window on ActivityPicker" into pi-dev am: 7a09c0613f 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835814

Change-Id: If51aba7cfb3495b42335d90a1600734da17d4d42
 2021-04-06 09:00:52 +00:00
TreeHugger Robot
bcfa963d8c Merge "Hide non-system overlay window on ActivityPicker" into rvc-dev am: 759dc67158 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13835816

Change-Id: I216ace1db29e22ea1697ad026b5c2203dc3bcfa0
 2021-04-06 09:00:37 +00:00
TreeHugger Robot
7a09c0613f Merge "Hide non-system overlay window on ActivityPicker" into pi-dev 2021-04-06 08:23:13 +00:00
TreeHugger Robot
759dc67158 Merge "Hide non-system overlay window on ActivityPicker" into rvc-dev 2021-04-06 08:22:07 +00:00
Pavel Grafov
9ca72695fd Prevent disconnecting admin-configured VPN am: 735a216da3 
Original change: https://googleplex-android-review.googlesource.com/c/platform/packages/apps/Settings/+/13931528

Change-Id: Ifdd9d0de8d3b91f4cef6dbf470bd43f0f2ba7d47
 2021-04-02 19:02:16 +00:00