| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is able to compose message with hidden attachments and bypass
attachments path checks attaching private files from
/data/data/com.android.email/*
+ Ported the following CLs. Code is different from gmail. Made the changes
to work with Email.
++ https://critique.corp.google.com/#review/136780360
+++ Add isExternal() to ComposeActivity.java and it always returns false.
Treat body and quoted text as plaintext if intent is external.
++ https://critique.corp.google.com/#review/137654162
+++ Don't let other apps use our EXTRA_MESSAGE.
Load EXTRA_MESSAGE only if action is LAUNCH_COMPOSE.
LAUNCH_COMPOSE action is an internal only action: b/32068883.
++ https://critique.corp.google.com/#review/142296051
+++ Don't let external Intent use EXTRA_MESSAGE
Bug: 32068883
Bug: 32502421
Bug: 32589229
Test: manual - Ran the following tests on Pixel phone. Tested the Email UI.
$ adb install -r out/target/product/marlin/system/app/Email/Email.apk
$ adb install -r app-debug.apk
Success
$ adb shell am start -n com.test.poc.poc32589229/.MainActivity -a android.intent.action.MAIN
Starting: Intent { act=android.intent.action.MAIN cmp=com.test.poc.poc32589229/.MainActivity }
Duplicated the steps in https://b.corp.google.com/issues/32589229#comment5
and didn't get the attachments after the fix (was getting attachments before the fix).
logcat output:
11-21 03:45:48.927 11705 11705 I poc-test: sending a hidden file attachment
11-21 03:45:48.929 11705 11705 I poc-test: Sending contentType: text/html, previewImage: null
11-21 03:45:48.935 914 4482 I ActivityManager: START u0 {act=com.android.mail.intent.action.LAUNCH_COMPOSE pkg=com.android.email cmp=com.android.email/.activity.ComposeActivityEmail (has extras)} from uid 10072
11-21 03:45:48.935 914 4482 W ActivityManager: Permission Denial: starting Intent { act=com.android.mail.intent.action.LAUNCH_COMPOSE pkg=com.android.email cmp=com.android.email/.activity.ComposeActivityEmail (has extras) } from ProcessRecord{6941817 11705:com.test.poc.poc32589229/u0a72} (pid=11705, uid=10072) not exported from uid 10062
11-21 03:45:48.937 11705 11705 D AndroidRuntime: Shutting down VM
--------- beginning of crash
11-21 03:45:48.940 11705 11705 E AndroidRuntime: FATAL EXCEPTION: main
11-21 03:45:48.940 11705 11705 E AndroidRuntime: Process: com.test.poc.poc32589229, PID: 11705
11-21 03:45:48.940 11705 11705 E AndroidRuntime: java.lang.IllegalStateException: Could not execute method for android:onClick
...
11-21 03:45:48.940 11705 11705 E AndroidRuntime: Caused by: java.lang.SecurityException: Permission Denial: starting Intent { act=com.android.mail.intent.action.LAUNCH_COMPOSE pkg=com.android.email cmp=com.android.email/.activity.ComposeActivityEmail (has extras) } from ProcessRecord{6941817 11705:com.test.poc.poc32589229/u0a72} (pid=11705, uid=10072) not exported from uid 10062
$ adb install -r out/target/product/marlin/testcases/EmailTests/EmailTests.apk
Performing Streamed Install
Success
$ adb shell am instrument -w com.android.email.tests
The number of failures are same as before (with or without this change).
Tests run: 158, Failures: 5
Change-Id: If6e2a2efa08b75675c980b72735cde8252e95760
(cherry picked from commit 3526a4ac552f93a83ea838ddae5de45e1e068af0)
|
|
|
|
|
|
| |
Bug: b/66230183
Change-Id: I6715358a07bc5bd9de6ee877b4a235a974767536
(cherry picked from commit 53b40fd185517ca82a0c4305570c5a5e3b83abf0)
|
|
|
|
|
|
|
|
|
|
|
| |
This is to backport a security fix reported in b/71814449 and
b/72569023. Fix is using the same approach as b/27308057, which is to
prevent Compose from accepting URIs with our own email attachment
provider.
Bug: b/71814449
Change-Id: Idcc002b94bcea913383b54bcf1dc5c3e1d254ded
(cherry picked from commit 44a5db2dc0ace4d360699c11c27d5c10b43ad628)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A custom picker can be used to attach files to Compose activity. With
this change, we are disallowing files belonging to file:///data/... to
be attached from custom pickers, in order not to expose internal
application data.
If the Intent Uri is a "file" and the file is in
`Environment.getDataDirectory()`, then throw a
AttachmentFailureException
which is caught immediately and shows a toast to the user.
Details b/31494146#comment13
Fix b/32615212
Change-Id: I037888b01fef1cdf5053602cdf9194286d5648df
(cherry picked from commit eace8b43e8d1512a205554715ca840324bfbe35f)
(cherry picked from commit 1de59f75ce361d86ada269a3bc5bf9078f1fd6d0)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Getting this with Good Work installed
If there is multiple apps that registers to handle same intent excpetion
is raised while unmarshaling Conversatin parcel because of wrong ClassLoader
being used.
Fix it by setting ClassLoader for extras in intent to properly unmashal
Conversation parcel.
Change-Id: I4c296d503d5ab3f3222e3bf14de7e9864c8c7085
|
|
|
|
|
|
|
|
|
|
| |
Currently a StrictMode violation gets triggered everytime
MimeUtility#getTextFromPart gets called.
Ensure we are always closing streams in the finally block.
Change-Id: If332487fae43f59d3785841ac7122b8f2b200255
Signed-off-by: Alexander Martinz <eviscerationls@gmail.com>
|
|\
| |
| |
| |
| |
| |
| | |
Ticket: CYNGNOS-2373
Android 6.0.1 release 43 (MOB30J)
Change-Id: I08ca60b70bbdbea4ce8dfc764d8454f04c5b7879
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
EmailProvider.
This is to backport a security fix reported by b/27308057 and b/27335139.
Also, add Analytics for these errors.
Bug: b/27335139
Change-Id: I75f6d8f5feb9fc611aa2e429e2b22cbd07223ab9
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 24ed2941ab132e4156bd38f0ab734c81dae8fc2e allows file://
attachment on the /data directory if they are from the same process.
This was done to work around applications that shared their internal
data file. However, this is bad practice, and other apps should share
content:// Uri instead.
With this change, Email doesn't allow this anymore. This fixes
security issue 199888.
Also, add Analytics for these errors
compose_errors > send_intent_attachment > data_dir
https://code.google.com/p/android/issues/detail?id=199888
b/26989185
Change-Id: I7cae3389f4f7cf5f86600a58c6ccdffaf889d1c3
|
|\ \
| | |
| | |
| | |
| | | |
Ticket: CYNGNOS-2213
Android 6.0.1 release 24
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Commit 24ed2941ab132e4156bd38f0ab734c81dae8fc2e allows file://
attachment on the /data directory if they are from the same process.
This was done to work around applications that shared their internal
data file. However, this is bad practice, and other apps should share
content:// Uri instead.
With this change, Email doesn't allow this anymore. This fixes
security issue 199888.
Also, add Analytics for these errors
compose_errors > send_intent_attachment > data_dir
https://code.google.com/p/android/issues/detail?id=199888
b/26989185
Change-Id: I7cae3389f4f7cf5f86600a58c6ccdffaf889d1c3
|
| |
| |
| |
| | |
Change-Id: Ia0ab851a33aa335724d83dadddf45adbfc1013c6
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Allow to move emails to Trash, Drafts and Spam system folders, plus the previous Inbox
system folder. Add a extra check for folder move capabilities before add it to the
candidate list of system folders.
Change-Id: I0cb77acee230011d904d9188a5ddac16314a504b
JIRA: CYAN-7037
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
(cherry picked from commit 95cc3e919ed24b7f11835e68e4686b0cd49a528f)
|
| |
| |
| |
| | |
Change-Id: I19f751482d8cf6896757774f78a657e79bef0983
|
| |
| |
| |
| | |
Change-Id: Ie068bcb3e0f7f92fc4dc799f5d8913731d5296ba
|
| |
| |
| |
| |
| |
| | |
Fixes DOGEDUMP-1106
Change-Id: I8eb67deac2e4190d4df40998d992490fcea47db6
|
| |
| |
| |
| |
| |
| |
| |
| | |
Allow linkify and open phone numbers in emails
JIRA: CML-117
Change-Id: I039d2d412a7d8dfd0dcc5a78dd214a282811ba6b
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Currently, Conversion#parseBodyFields close the inputstream associated to
the temporary binary attachment stream after reading the textContent and the snipet.
This will prevent to copy to the destination database folder for inline attachments.
Just let the attachment to be closed for LegacyConversions#addOneAttachment method.
Requires: http://review.cyanogenmod.org/#/c/98128
Change-Id: Ibe41e1896d6867cae0ee080f1556d7fa9e88966d
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| | |
Change-Id: I34b4149afff1c6688cf5e032ff82fdb41227cdb9
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| | |
Change-Id: I44470b6b5a1ec7787e8876e2ec74ac6c8508dbe6
JIRA: CYAN-2925
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| |
| | |
Don't start swipe if the user has disabled it by settings
Change-Id: I79b2d694219dc6497fbe85d7608bd36ee48a42d7
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| | |
Change-Id: I86513d397d75c3dc2f0dad1b3399c4ffeaabf173
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| | |
Change-Id: Ibf5e0c426467911644b97c6cc020345e0e297706
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If conversation_topmost_overlay is not ready to take the focus, if the drawerlayout
has the focus (this happens always that the drawerlayout is shown in a conversation view)
then the onBackPressed event never get dispatched to the mail activity, and press
the back button doesn't have effect.
Just double check that the conversation_topmost_overlay view can take focus. In case it
can't take the focus don't response we handled the keyup event.
Also, add a double check over the drawer slide event to prevent burger menu to be displayed
when the back arrow button should be the one displayed.
Change-Id: I964eb1eb779af13c9b2c07b77049147c2ff1f2d9
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
I couldn't find any settings in my both POP3 accounts
that is mentioned in the comment above the declaration.
It's foolish to have a Nexus 6 and can't send photos
because sometimes they are bigger than 5MB when taken with
camera.
Change-Id: I57f038f4dd96d0c99d8f31a3f9e393efd7d90467
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When users have multiple email account defines, it makes more sense
to have the account name rather than the sender
name, which is in most is the case the user itself. The vast majority
of the user known its name, so the account
name becomes a more useful information to display.
Change-Id: I866c55acc3b3b666d677b4243044c91abd0d7124
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
| |
| |
| |
| |
| |
| |
| |
| | |
This change adds support for suggested contacts (email addresses not in the contact
provider and received via email).
Change-Id: I4010d0b6cf8bbb98308c7fc13f63e9d859a87d43
Signed-off-by: Jorge Ruesga <jorge@ruesga.com>
|
|/
|
|
|
|
| |
Prevents npe
Change-Id: I3a00e82f3c80b7e8990728ccf32b22b8d09fc857
|
|
|
|
|
| |
Bug: 19369537
Change-Id: I02f35d5010c5393a5c8082f2260e3fe2934815b7
|
|\
| |
| |
| |
| |
| |
| | |
firstSnippet on mark/unmark as read"
* commit '525dfca7775adf3e01bb033122c9c7ed226ed213':
email: prevent stock email app to unset firstSnippet on mark/unmark as read
|
| |\
| | |
| | |
| | |
| | |
| | |
| | | |
mark/unmark as read"
* commit '864682f9717b460b88c6b7120c1651bbbe27fe21':
email: prevent stock email app to unset firstSnippet on mark/unmark as read
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
If the email conversation only have one message then firstSnippet is the only valid
snippet in the converation item. Multiple conversation items are only supported by Gmail
which call the "set" method to set those snippets. This changes prevents to set
firstSnippet = null when user mark/unmark the item as read in stock email app.
Change-Id: I6a0e89942e748384164c620cfd1073a8c9b8bf5e
Signed-off-by: Jorge Ruesga <j.ruesga.criado@gmail.com>
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | | |
"Combine conv and misc panes into one frame and animate that instead" into ub-gmail-ur14-dev
* commit '05e3669c3ee048637808a952d123d21a53c4c673':
Combine conv and misc panes into one frame and animate that instead
|
| |\ \
| | | |
| | | |
| | | | |
into ub-gmail-ur14-dev
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Don't rely on ViewMode to check whether to animate the conv or misc
panes because the view mode might not have been changed when we select
a new conversation or ad. Logically, these two panes should always move
together anyway because a misc frame is simply a specific way of
displaying content in the conversation view.
b/18033659
Change-Id: I5d5417e2ca77f019abbf8d739b691f2029010eae
|
|\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
the focused conversation via id instead of position" into ub-gmail-ur14-dev
* commit '7fa561f099368118cbf31df10031eef58a2b535f':
Save the focused conversation via id instead of position
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
ub-gmail-ur14-dev
|
| | |/ /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Don't rely on saving the position in the adapter because the position
might change as the adapter's data set changes (e.g. new mails via sync),
and we have no way of modifying the focused position accordingly.
Instead, save the focused conversation with its id (tried using the uri,
but the uri might change when the conversation gets cached). This way,
no matter what happens to the items in the adapter, the focused item
remains consistent.
b/18027602
Change-Id: I51aa68bc15c5892c3b34bde5c199de281390ce7b
|
|\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
"Navigate up if up is pressed for nested folders" into ub-gmail-ur14-dev
* commit 'f771600660c21af988c09c3cff364edf51219cc3':
Navigate up if up is pressed for nested folders
|
| |/ /
| | |
| | |
| | |
| | |
| | | |
b/18022259
Change-Id: Ia93e1af3684dd11362bc2608691375f351ccba3d
|
|\| |
| | |
| | |
| | |
| | |
| | |
| | | |
"Prevent rare NPE" into ub-gmail-ur14-dev
* commit 'cc7900e367e86003f5a7d2e1c28246a64d94e89c':
Prevent rare NPE
|
| |\ \ |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
b/18017065
Change-Id: I3f6c8bfcd0650adc32a601120f3dfade23eff0cc
|
|\| | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
"Programmatically set selected state to correspond to peeking conv" into ub-gmail-ur14-dev
* commit '93b9408f1f0d1609c42010db14480c271dfe948a':
Programmatically set selected state to correspond to peeking conv
|
| |\ \ \
| | | | |
| | | | |
| | | | | |
into ub-gmail-ur14-dev
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I can't simply rely on ListView#setSelection to programmatically
set the selected item because setSelection only caches the
selection internally if the view is currently in touch mode. Thus,
in touch modes, isSelected() will *always* return false for an item
in listview.
In order to know what's the current selected item, I keep track
of the selected position that corresponds EXACTLY to the listview's
selected position. Again, I can't use ListView#getSelectedItemPosition
because it will always return INVALID_POSITION in touch mode.
I change the selected position whenever a child calls setSelected()
or we programmatically call setSelected. I tried using onItemSelectedListener.
However, the listener's callback is called after the selected state
is changed AND the re-draw happened, so the UI gets inconsistent since
the selected state didn't properly update during the re-draw.
When we programmatically select an item that's visible on the screen,
we have to use ListView#setSelectionFromTop and pass in the current y
value since the default behavior is to scroll such that the selected
item is at the very top.
Also, another caveat is that I am now saving the ConversationItemView's
position in the adapter when the adapter binds data to it. I find that
this approach is much more dependable than using ListView#getPositionForView
because sometimes (for reasons beyond me) in ConversationItemView#setSelected
the listview ONLY HAS ONE CHILD (even though on the device I can see a
full list), thus getPositionForView will return index 0 since it thinks
it's the only child.. I have no clue, so I'm saving the position myself
instead.
b/18015875
Change-Id: I11897056fc9fa630eb4019532b1fd4cf41c7486a
|
|\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
peeking state
* commit '18b62bdbfe827287ba259011f6b4242126e7fad9':
restore peeking state
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Bug: 18024070
Change-Id: I0f4379e92fa1a9c67b76264ae0baa581399f5ab3
|
|\| | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
auto-close the drawer when selecting from the list
* commit 'e1c9a53d83bab16a3081f83b78ed784ff6fe07a8':
only auto-close the drawer when selecting from the list
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Previously tablet UI would close the drawer any time any conversation
would open. With peek mode, this happens a lot even when the user didn't
trigger it.
Restrict the auto-close to cases where the user actually taps/keyboard-
Enter a list item.
Bug: 18020565
Change-Id: Ia4c15c70f99619874fdd1bea760ceeb6bd2a8345
|