-
-
Notifications
You must be signed in to change notification settings - Fork 191
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Validate hosts file URL #486
Conversation
This class uses standard Android facilities to check for the hosts URL validity. Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
HostsTextPreference does not enforce use of the http/https prefix. We add it when creating an URL object instead. Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
Signed-off-by: Gianguido Sora <g.sora4@gmail.com>
|
||
} | ||
} catch (MalformedURLException ex) { | ||
Toast.makeText(ActivitySettings.this, ex.toString(), Toast.LENGTH_LONG).show(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Generally the caller should check the validity of its arguments to keep the calling code as simple as possible.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What about moving the entire validation path (RFC 3987 + http{s} prefix presence) to HostsTextPreference? I have a working example ready to be pushed.
@@ -90,6 +94,8 @@ | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.Set; | |||
import java.util.regex.Matcher; | |||
import java.util.regex.Pattern; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unused imports?
EditTextPreference pref_hosts_url = (EditTextPreference) screen.findPreference("hosts_url"); | ||
final HostsTextPreference pref_hosts_url = (HostsTextPreference) screen.findPreference("hosts_url"); | ||
|
||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Extra blank lines?
} else { | ||
hostsURL = new URL(hostsPresumedURL); | ||
|
||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Unneeded braces.
Reason: to keep as many as possible code lines on screen, the number of opening/closing braces should be kept to a minimum.
if(dlg instanceof AlertDialog) { | ||
AlertDialog alertDlg = (AlertDialog)dlg; | ||
Button btn = alertDlg.getButton(AlertDialog.BUTTON_POSITIVE); | ||
boolean enable = Patterns.WEB_URL.matcher(getEditText().getText().toString()).matches(); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Isn't this going to be slow on low end devices?
@Override | ||
protected void showDialog(Bundle state) { | ||
super.showDialog(state); | ||
getEditText().removeTextChangedListener(mTextWatcher); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why removing the watcher?
The idea is good, but some details needs to be worked out. |
Thanks for doing this and creating a pull request. |
Sadly my Android skills aren't that sharp, but this is a contribution I felt was needed. Thank you for pointing out all the flaws on my code, I'll try to correct them as soon as possible. |
…Type is now set to URI
1) the inner edittext now doesn't show the error message anymore, since the validation is now more prolific 2) the watcher is not removed from the edittext, just added
Toast.makeText(ActivitySettings.this, ex.toString(), Toast.LENGTH_LONG).show(); | ||
} | ||
|
||
new DownloadTask(ActivitySettings.this, hostsURL, tmp, new DownloadTask.Listener() { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This will crash on a MalformedURLException (hostsURL null), better restore the original.
Basically only EditTextPreference needs to be changed into HostsTextPreference on line 292.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The default behaviour has been restored, please see commit 647e981
The previous behaviour has been restored as suggested in M66B/NetGuard#486 (review)
switch (which) { | ||
case DialogInterface.BUTTON_POSITIVE: { | ||
String hostsPresumedURL = getEditText().getText().toString(); | ||
if (!(hostsPresumedURL.startsWith("http://") || hostsPresumedURL.startsWith("https://"))) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What if somebody wants to enter a file:// URI type?
Better use getScheme of Uri to check if there is a scheme and build a new URI with the default https (not http) scheme.
https://developer.android.com/reference/android/net/Uri.html#getScheme()
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Since Patterns.WEB_URL
doesn't match any URI type other than HTTP, HTTPS and RTSP, the "OK" button wouldn't be enabled, thus preventing any exception.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Then this is not an acceptable solution, because there is more in the world than only those protocols.
Google doesn't seem to comply to the standards as well: https://www.ietf.org/rfc/rfc3987.txt
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I've just noticed that, they even tell that in the documentation.
I'll try to come up with a better regex in the next few days.
7141894
to
1ffb95a
Compare
I am going to close this pull request, since it seems abandoned and it is being misuse for somebody else's requests. |
This patchset adds logic needed to validate hosts file's URL, using both a custom EditTextPreference to just verify if it's a tangible URL (all done using Android parsing and validation facilities), and a simple conditional statement to make sure we never create URL objects without the http/https prefix.