Skip to content

Commit

Permalink
Closes mozilla-mobile#4764: Create wrapper for Client to prevent non-…
Browse files Browse the repository at this point in the history 
…private requests.
  • Loading branch information
@pocmo
pocmo committed Mar 24, 2021
1 parent 4b05917 commit 947a180
Show file tree
Hide file tree
Showing 5 changed files with 37 additions and 5 deletions.
5 changes: 3 additions & 2 deletions app/src/main/java/org/mozilla/focus/Components.kt
View file
Expand Up @@ -27,6 +27,7 @@ import mozilla.components.feature.tabs.CustomTabsUseCases
import mozilla.components.feature.tabs.TabsUseCases
import org.mozilla.focus.components.EngineProvider
import org.mozilla.focus.downloads.DownloadService
import org.mozilla.focus.engine.ClientWrapper
import org.mozilla.focus.engine.LocalizedContentInterceptor
import org.mozilla.focus.engine.SanityCheckMiddleware
import org.mozilla.focus.notification.PrivateNotificationMiddleware
Expand Down Expand Up @@ -62,8 +63,8 @@ class Components(
}
}

val client: Client by lazy {
clientOverride ?: EngineProvider.createClient(context)
val client: ClientWrapper by lazy {
ClientWrapper(clientOverride ?: EngineProvider.createClient(context))
}

val trackingProtectionUseCases by lazy { TrackingProtectionUseCases(store, engine) }
Expand Down
29 changes: 29 additions & 0 deletions app/src/main/java/org/mozilla/focus/engine/ClientWrapper.kt
View file
@@ -0,0 +1,29 @@
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */

package org.mozilla.focus.engine

import mozilla.components.concept.fetch.Client
import mozilla.components.concept.fetch.Request
import mozilla.components.concept.fetch.Response

/**
* A wrapper around [Client] preventing [Request]s without the private flag set.
*/
class ClientWrapper(
private val actual: Client
) : Client() {
override fun fetch(request: Request): Response {
if (!request.private) {
throw IllegalStateException("Non-private request")
}

return actual.fetch(request)
}

@Deprecated("Non-private Client usage should be prevented")
fun unwrap(): Client {
return actual
}
}
3 changes: 2 additions & 1 deletion app/src/main/java/org/mozilla/focus/searchsuggestions/SearchSuggestionsFetcher.kt
View file
Expand Up @@ -81,7 +81,8 @@ class SearchSuggestionsFetcher(
val request = FetchRequest(
url = url.sanitizeURL(),
readTimeout = Pair(READ_TIMEOUT_IN_MS, TimeUnit.MILLISECONDS),
connectTimeout = Pair(CONNECT_TIMEOUT_IN_MS, TimeUnit.MILLISECONDS)
connectTimeout = Pair(CONNECT_TIMEOUT_IN_MS, TimeUnit.MILLISECONDS),
private = true
)
return fetchClient.fetch(request).body.string()
}
Expand Down
3 changes: 2 additions & 1 deletion app/src/main/java/org/mozilla/focus/settings/ManualAddSearchEngineSettingsFragment.kt
View file
Expand Up @@ -196,7 +196,8 @@ class ManualAddSearchEngineSettingsFragment : BaseSettingsFragment() {
url = searchURLStr,
connectTimeout = SEARCH_QUERY_VALIDATION_TIMEOUT_MILLIS.toLong() to TimeUnit.MILLISECONDS,
readTimeout = SEARCH_QUERY_VALIDATION_TIMEOUT_MILLIS.toLong() to TimeUnit.MILLISECONDS,
redirect = FOLLOW
redirect = FOLLOW,
private = true
)

return try {
Expand Down
2 changes: 1 addition & 1 deletion app/src/main/java/org/mozilla/focus/telemetry/TelemetryWrapper.kt
View file
Expand Up @@ -264,7 +264,7 @@ object TelemetryWrapper {

val serializer = JSONPingSerializer()
val storage = FileTelemetryStorage(configuration, serializer)
val client = TelemetryClient(context.components.client)
val client = TelemetryClient(context.components.client.unwrap())
val scheduler = JobSchedulerTelemetryScheduler()

TelemetryHolder.set(Telemetry(configuration, storage, client, scheduler)
Expand Down

0 comments on commit 947a180

Please sign in to comment.