Commit Graph

12 Commits

Author SHA1 Message Date
Rohan Shah
9046b84805 Limit account id and id to longs
The security issue occurs because id is allowed to be an arbitrary
path instead of being limited to what it is -- a long. Both id
and account id are now parsed into longs (and if either fails, an
error will be logged and null will be returned).

Tested/verified error is logged using the reported attack.

BUG=30745403

Change-Id: Ia21418545bbaeb96fb5ab6c3f4e71858e57b8684
(cherry picked from commit 9794d7e8216138adf143a3b6faf3d5683316a662)
2016-08-25 21:56:27 -07:00
Martin Hibdon
99665fe7bf Disable smart foward/reply
b/17720266
When replying to a message, sometimes the wrong message
is included in the reply. This seems to be related to
smart reply/forward, since it only has ever been known to
happen on an Exchange 2013 server. For now, disable smart
reply/forward.
We do this by making the EmailProvider always zero out the
FLAGS_SUPPORTS_SMART_FORWARD bit on the account. This way
we can control this feature from the Email app, rather than
Exchange.

Change-Id: I88bb5f06a1098f9f085592b0a3cf1a01d9eb3fc7
2014-10-21 13:07:36 -07:00
Martin Hibdon
f61e098a41 Correctly update UI_SYNC_STATUS upon search
b/17377040

Change-Id: I5cf9281fa204ac780b737215a86362a8317d63b6
2014-10-16 14:22:49 -07:00
Martin Hibdon
5fde01e4a9 Merge "Set the search mailbox's syncState as soon as a search is requested" into ub-gmail-ur14-dev 2014-10-10 20:12:43 +00:00
Martin Hibdon
00fbbb24b3 Set the search mailbox's syncState as soon as a search is requested
b/15868294
b/17377040
When we do a search, we clear the current contents of the search mailbox,
and then send a request to whatever service is appropriate (IMAP or
Exchange.) The service then begins a sync and updates the sync state.
The thing is, this leaves a time window when the sync state is still
NONE, but no contents have been loaded yet.
So now, as soon as the search request is made, we set the sync state
to LIVE, then send off the request. That should keep the empty state
view hidden until we actually do the sync.

Change-Id: Ia97e1cf2773db460fdf32aaa45205c4e6034527d
2014-10-10 11:35:27 -07:00
Martin Hibdon
89272781fa EmailProvider now supports query and getType for cached file urls
b/17573792
This is needed so that we can send cached files as attachments.
This case comes up if you edit a draft with an attachment,
view the attachment, and then share that with Email.
Also, update the manifest so that EmailProvider grants
uri permission for cachedFiles.

Change-Id: Ib32ae8360b627823af9361cba05e0e5dbd0ae4ca
2014-10-10 11:17:52 -07:00
Tony Mantler
b62067e3c3 Make sure old body files don't contaminate new messages
If we have an error writing an old body file and overwrite the same ID,
we might end up in a situation where we have HTML from one message and Text
from another. Clean up the body files before insert to avoid this.

b/17720266

Change-Id: I2fb18fa24c6f3bc01e7c877e2f3bfccee6a34015
2014-10-01 14:02:17 -07:00
James Lemieux
69ba565b62 Merge "Combined view should also display client-side sanitized HTML" into ub-gmail-ur14-dev 2014-09-30 23:11:37 +00:00
James Lemieux
aa2ca51477 Combined view should also display client-side sanitized HTML
b/16206516

Change-Id: I23385f2c29a55a155a4842226d4f1f37943338d2
2014-09-30 14:17:23 -07:00
James Lemieux
40236a8931 Display sync errors using snackbar and not as a TL footer
b/16463253

The FAB compose button overlaps the action button found in the TL footer
when network errors occur during sync. To avoid this overlap, the snackbar
is used to display these errors and they no longer appear as a TL footer.

In order to signal the sync error to AAC for display in the snackbar, the
Folder.lastSyncResult needed to be encoded in the manner that AAC reads.
This was not happening for POP/IMAP/Exchange accounts, so a large portion
of this change is encoding that value properly every place it is written.

To ensure the value is read/written properly everywhere, common methods were
introduced in UIProvider that do this work. UIProviderTest was also added
to ensure the read/write methods agree with each other.

Finally, the display of the "Load More" TL footer was updated to match the
latest spec.

Change-Id: I9d3ae1157f288f05b0fed4d1385858f6c9ebfbf9
2014-09-29 17:51:27 -07:00
Martin Hibdon
3c2f782c35 When we migrate Exchange folders, set the sync status to INITIAL_SYNC_NEEDED
b/17443087
When we migrate exchange accounts, we copy mailboxes over to the
new account (in order to preserve sync frequency and window).
The problem with this is, you may have many accounts/mailboxes.
After starting the app, it may take quite a long time before all
mailboxes are synced. If the user visits some mailbox near the
bottom, they'll see a misleading "folder is empty" view.
Now, when migrating, we'll set the uisyncstatus to INITIAL_SYNC_NEEDED.

Here I needed to add INITAL_SYNC_NEEDED to the list of states
that EmailConversationCursor will consider incompletely loaded.

Change-Id: Idef13adf9d691c03665830a2f926b1806d7591da
2014-09-26 16:02:22 -07:00
Paul Westbrook
bb68c13afa Changes to support smaller email tombstone apk size
This reduces the tombstone down by 100K

A follow-on cl will remove the unused resources from the tombstone build

Bug: 17414014
Change-Id: I5d38811b17a5273ec726e750ab123e10e36cee04
2014-09-16 13:59:07 -07:00