Validate hosts file URL #486
Conversation
This class uses standard Android facilities to check for the hosts URL validity. Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
HostsTextPreference does not enforce use of the http/https prefix. We add it when creating an URL object instead. Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
|
|
||
| } | ||
| } catch (MalformedURLException ex) { | ||
| Toast.makeText(ActivitySettings.this, ex.toString(), Toast.LENGTH_LONG).show(); |
There was a problem hiding this comment.
Generally the caller should check the validity of its arguments to keep the calling code as simple as possible.
There was a problem hiding this comment.
What about moving the entire validation path (RFC 3987 + http{s} prefix presence) to HostsTextPreference? I have a working example ready to be pushed.
| @@ -90,6 +94,8 @@ | |||
| import java.util.List; | |||
| import java.util.Map; | |||
| import java.util.Set; | |||
| import java.util.regex.Matcher; | |||
| import java.util.regex.Pattern; | |||
| EditTextPreference pref_hosts_url = (EditTextPreference) screen.findPreference("hosts_url"); | ||
| final HostsTextPreference pref_hosts_url = (HostsTextPreference) screen.findPreference("hosts_url"); | ||
|
|
||
|
|
| } else { | ||
| hostsURL = new URL(hostsPresumedURL); | ||
|
|
||
| } |
There was a problem hiding this comment.
Unneeded braces.
Reason: to keep as many as possible code lines on screen, the number of opening/closing braces should be kept to a minimum.
| if(dlg instanceof AlertDialog) { | ||
| AlertDialog alertDlg = (AlertDialog)dlg; | ||
| Button btn = alertDlg.getButton(AlertDialog.BUTTON_POSITIVE); | ||
| boolean enable = Patterns.WEB_URL.matcher(getEditText().getText().toString()).matches(); |
There was a problem hiding this comment.
Isn't this going to be slow on low end devices?
| @Override | ||
| protected void showDialog(Bundle state) { | ||
| super.showDialog(state); | ||
| getEditText().removeTextChangedListener(mTextWatcher); |
|
The idea is good, but some details needs to be worked out. |
|
Thanks for doing this and creating a pull request. |
|
Sadly my Android skills aren't that sharp, but this is a contribution I felt was needed. Thank you for pointing out all the flaws on my code, I'll try to correct them as soon as possible. |
…Type is now set to URI
1) the inner edittext now doesn't show the error message anymore, since the validation is now more prolific 2) the watcher is not removed from the edittext, just added
| Toast.makeText(ActivitySettings.this, ex.toString(), Toast.LENGTH_LONG).show(); | ||
| } | ||
|
|
||
| new DownloadTask(ActivitySettings.this, hostsURL, tmp, new DownloadTask.Listener() { |
There was a problem hiding this comment.
This will crash on a MalformedURLException (hostsURL null), better restore the original.
Basically only EditTextPreference needs to be changed into HostsTextPreference on line 292.
There was a problem hiding this comment.
The default behaviour has been restored, please see commit 647e981
The previous behaviour has been restored as suggested in M66B/NetGuard#486 (review)
| switch (which) { | ||
| case DialogInterface.BUTTON_POSITIVE: { | ||
| String hostsPresumedURL = getEditText().getText().toString(); | ||
| if (!(hostsPresumedURL.startsWith("http://") || hostsPresumedURL.startsWith("https://"))) { |
There was a problem hiding this comment.
What if somebody wants to enter a file:// URI type?
Better use getScheme of Uri to check if there is a scheme and build a new URI with the default https (not http) scheme.
https://developer.android.com/reference/android/net/Uri.html#getScheme()
There was a problem hiding this comment.
Since Patterns.WEB_URL doesn't match any URI type other than HTTP, HTTPS and RTSP, the "OK" button wouldn't be enabled, thus preventing any exception.
There was a problem hiding this comment.
Then this is not an acceptable solution, because there is more in the world than only those protocols.
Google doesn't seem to comply to the standards as well: https://www.ietf.org/rfc/rfc3987.txt
There was a problem hiding this comment.
I've just noticed that, they even tell that in the documentation.
I'll try to come up with a better regex in the next few days.
M66B
force-pushed
the
master
branch
4 times, most recently
from
7141894
to
1ffb95a
Compare
|
I am going to close this pull request, since it seems abandoned and it is being misuse for somebody else's requests. |
This patchset adds logic needed to validate hosts file's URL, using both a custom EditTextPreference to just verify if it's a tangible URL (all done using Android parsing and validation facilities), and a simple conditional statement to make sure we never create URL objects without the http/https prefix.