Foreign characters may be letters and digits, but they're not allowed in Uri/Url schemes

b/11356390

Change-Id: Ic510607ab5f671e3f3f474ea3c2f4af7e9966cb1

emailcommon/src/com/android/emailcommon/utility/SSLUtils.java

@@ -175,6 +175,18 @@ public class SSLUtils {
         return wrapped;
     }
 
+    // Character.isLetter() is locale-specific, and will potentially return true for characters
+    // outside of ascii a-z,A-Z
+    private static boolean isAsciiLetter(char c) {
+        return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z');
+    }
+
+    // Character.isDigit() is locale-specific, and will potentially return true for characters
+    // outside of ascii 0-9
+    private static boolean isAsciiNumber(char c) {
+        return ('0' <= c && c <= '9');
+    }
+
     /**
      * Escapes the contents a string to be used as a safe scheme name in the URI according to
      * http://tools.ietf.org/html/rfc3986#section-3.1
@@ -189,7 +201,7 @@ public class SSLUtils {
         StringBuilder sb = new StringBuilder();
         for (int i = 0; i < s.length(); i++) {
             char c = s.charAt(i);
-            if (Character.isLetter(c) || Character.isDigit(c)
+            if (isAsciiLetter(c) || isAsciiNumber(c)
                     || ('-' == c) || ('.' == c)) {
                 // Safe - use as is.
                 sb.append(c);

tests/src/com/android/emailcommon/utility/SSLUtilsTest.java

@@ -48,6 +48,8 @@ public class SSLUtilsTest extends AndroidTestCase {
         assertSchemeNameValid(SSLUtils.escapeForSchemeName("name with spaces"));
         assertSchemeNameValid(SSLUtils.escapeForSchemeName("odd * & characters"));
         assertSchemeNameValid(SSLUtils.escapeForSchemeName("f3v!l;891023-47 +"));
+        assertSchemeNameValid(
+                SSLUtils.escapeForSchemeName("\u304d\u307f\u3092\u611b\u3057\u3066\u308b"));
     }
 
     private static final char[] RANDOM_DICT = new char[] {