android_packages_apps_Email/src/com, branch cm-13.0

AOSP/Email - Second part of the Security Vulnerability fix -

2019-03-23T14:58:36+00:00

Email App: Malicious app is able to compose message with hidden
attachments and bypass attachments path checks attaching private files
from /data/data/com.android.email/*

+ Ported the following CLs. Code is different from gmail. Made the changes
to work with Email.
++ https://critique.corp.google.com/#review/136780360
+++ Differentiating our Compose intents from other app's intent.
Added ComposeActivityEmailExternal method and it always returns true.
Treat body and quoted text as plaintext if intent is external.

Bug: 32068883
Bug: 32502421
Bug: 32589229

Test: manual - Ran the following tests on Pixel phone. Tested the Email UI.

$ adb install -r out/target/product/marlin/system/app/Email/Email.apk

$ adb install -r app-debug.apk
Success

$ adb shell am start -n com.test.poc.poc32589229/.MainActivity -a android.intent.action.MAIN
Starting: Intent { act=android.intent.action.MAIN cmp=com.test.poc.poc32589229/.MainActivity }

Duplicated the steps in https://b.corp.google.com/issues/32589229#comment5
and didn't get the attachments after the fix (was getting attachments before the fix).

$ adb install -r out/target/product/marlin/testcases/EmailTests/EmailTests.apk
Performing Streamed Install
Success

$ adb shell am instrument -w com.android.email.tests
The number of failures are same as before (with or without this change).
Tests run: 158, Failures: 5

Change-Id: I4eda17af7f60e1c92f49ffa6025b328f6481ec76
(cherry picked from commit c87d04b8c190f52c4f7e8a22dfaa2b5e065415fe)

Disallow attaching files from our own EmailAttachmentProvider.

2018-04-06T20:29:59+00:00

This is to backport a security fix reported in b/71814449 and
b/72569023. Fix is using the same approach as b/27308057, which is to
prevent Compose from accepting URIs with our own email attachment
provider.

Bug: b/71814449
Change-Id: Ib9df21648d00d2ef2da9fac05cc39fee253de8e2
(cherry picked from commit 7227751994624bdb2ba958714cc861b8bab41634)

Merge tag 'android-6.0.1_r43' into HEAD

2016-05-03T19:00:00+00:00

Ticket: CYNGNOS-2373
Android 6.0.1 release 43 (MOB30J)

Change-Id: I1241266b370fb1ba0560217684002d01867a0c77

Don't allow cachedFile Attachments if the content Uri is pointing to EmailProvider.

2016-03-26T00:48:04+00:00

This is to backport a security fix reported by b/27308057 and b/27335139.
Also, add Analytics for these errors.

Bug: b/27335139
Change-Id: Iaacb34e4983cdf9a85487222ae930cb64d80a193

Improve notification coalescence algorithm.

2016-01-21T07:32:40+00:00

Instead of coalescing for 15 seconds after the first change
notification, coalesce until change notifications have been idle for at
least 2 seconds. This avoids long update delays, which is especially
jarring when using notifications on a wearable and the initial
notification didn't yet include the message body.
Also skip coalescence entirely for deletions; update immediately in that
case.

Change-Id: I67bed9a1af7b023020b0fd5429495eb45000e858

email: Add an ActionBar to the mail app's PreferenceActivity

2015-10-18T21:06:01+00:00

Change-Id: Id2ed98d2c2cd6648e179fb2942f3bc4479049cd0
Signed-off-by: Jorge Ruesga

email: fix Exchange sync frequency account setup

2015-10-18T21:05:32+00:00

Auto sync is not displayed as an option in sync frequency settings, because capabilities
aren't filled. Just ensure account capabilities are always saved.

Change-Id: I70b7ab9464a99eebf7f82726faa0fb2418e09a99
Signed-off-by: Jorge Ruesga

email: imap push

2015-10-18T21:05:32+00:00

Change-Id: I8a184a5644e4322ee65d969e14cd47fe119f5df2
Signed-off-by: Jorge Ruesga

email: custom notification lights

2015-10-18T21:03:25+00:00

Change-Id: I3aaed3c682ae33da925316a5b9a586796fe71229
Signed-off-by: Jorge Ruesga

email: fix eas autodiscover

2015-10-18T21:03:24+00:00

Change-Id: Ifaf5f757f7f844e49f0ac635b477fcbef4926293
Signed-off-by: Jorge Ruesga