diff options
author | Alex Klyubin <klyubin@google.com> | 2015-03-27 10:17:55 -0700 |
---|---|---|
committer | Alex Klyubin <klyubin@google.com> | 2015-04-01 11:37:07 -0700 |
commit | f5c662d5ac2ffc887660ff2957dfe4e1e8abc56a (patch) | |
tree | bf3ed70565f460a32ffae744d75976c0ca97c5e2 /src/com/android/providers/downloads/DownloadThread.java | |
parent | 5e116a6d63b4f5060041adeeb1bdc2b0585266cd (diff) | |
download | android_packages_providers_DownloadProvider-f5c662d5ac2ffc887660ff2957dfe4e1e8abc56a.tar.gz android_packages_providers_DownloadProvider-f5c662d5ac2ffc887660ff2957dfe4e1e8abc56a.tar.bz2 android_packages_providers_DownloadProvider-f5c662d5ac2ffc887660ff2957dfe4e1e8abc56a.zip |
Make DownloadProvider honor the cleartext traffic policy.
This makes the Provider-side of the DownloadManager framework honor
the per-UID cleartext network traffic policy. The policy is enforced
in the Provider rather than in its client (DownloadManager) because
download URLs could get redirected between HTTPS and HTTP and only
the Provider currently has visibility into and control over this.
Whether cleartext network traffic is permitted is a per-package
policy. However, the DownloadProvider can only access the UID of the
requesting application. Multiple packages can run under the same UID.
In that scenario, cleartext traffic is permited for the UID if
cleartext traffic is permitted for any of the packages running under
the UID. This could be improved by making the DownloadManager provide
the package name in addition to the UID.
Bug: 19215516
Change-Id: Ib37585a7a2fc2869954d52a1b08052926f49bc9b
Diffstat (limited to 'src/com/android/providers/downloads/DownloadThread.java')
-rw-r--r-- | src/com/android/providers/downloads/DownloadThread.java | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/com/android/providers/downloads/DownloadThread.java b/src/com/android/providers/downloads/DownloadThread.java index c75e4193..325b4eee 100644 --- a/src/com/android/providers/downloads/DownloadThread.java +++ b/src/com/android/providers/downloads/DownloadThread.java @@ -48,6 +48,7 @@ import android.net.INetworkPolicyListener; import android.net.NetworkInfo; import android.net.NetworkPolicyManager; import android.net.TrafficStats; +import android.net.Uri; import android.os.ParcelFileDescriptor; import android.os.PowerManager; import android.os.Process; @@ -350,8 +351,17 @@ public class DownloadThread implements Runnable { throw new StopRequestException(STATUS_BAD_REQUEST, e); } + boolean cleartextTrafficPermitted = mSystemFacade.isCleartextTrafficPermitted(mInfo.mUid); int redirectionCount = 0; while (redirectionCount++ < Constants.MAX_REDIRECTS) { + // Enforce the cleartext traffic opt-out for the UID. This cannot be enforced earlier + // because of HTTP redirects which can change the protocol between HTTP and HTTPS. + if ((!cleartextTrafficPermitted) && ("http".equalsIgnoreCase(url.getProtocol()))) { + throw new StopRequestException(STATUS_BAD_REQUEST, + "Cleartext traffic not permitted for UID " + mInfo.mUid + ": " + + Uri.parse(url.toString()).toSafeString()); + } + // Open connection and follow any redirects until we have a useful // response with body. HttpURLConnection conn = null; |