From 76fb17c972e5d1e7ca9d603bda08026e57776728 Mon Sep 17 00:00:00 2001 From: Daniel Gultsch Date: Fri, 26 Apr 2019 12:05:52 +0200 Subject: [PATCH] add contact dialog: warn on suspicious addresses --- .../conversations/ui/BlocklistActivity.java | 3 +- .../ui/ChooseContactActivity.java | 3 +- .../conversations/ui/EnterJidDialog.java | 81 +++++++++++++++---- .../ui/StartConversationActivity.java | 3 +- src/main/res/values/strings.xml | 3 + 5 files changed, 74 insertions(+), 19 deletions(-) diff --git a/src/main/java/eu/siacs/conversations/ui/BlocklistActivity.java b/src/main/java/eu/siacs/conversations/ui/BlocklistActivity.java index cca8e9c6d..74d2d3392 100644 --- a/src/main/java/eu/siacs/conversations/ui/BlocklistActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/BlocklistActivity.java @@ -73,7 +73,8 @@ public class BlocklistActivity extends AbstractSearchableListItemActivity implem getString(R.string.block), null, account.getJid().asBareJid().toString(), - true + true, + false ); dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> { diff --git a/src/main/java/eu/siacs/conversations/ui/ChooseContactActivity.java b/src/main/java/eu/siacs/conversations/ui/ChooseContactActivity.java index facc3f32f..b79c32f5c 100644 --- a/src/main/java/eu/siacs/conversations/ui/ChooseContactActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/ChooseContactActivity.java @@ -313,7 +313,8 @@ public class ChooseContactActivity extends AbstractSearchableListItemActivity im getString(R.string.select), jid == null ? null : jid.asBareJid().toString(), getIntent().getStringExtra(EXTRA_ACCOUNT), - true + true, + false ); dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> { diff --git a/src/main/java/eu/siacs/conversations/ui/EnterJidDialog.java b/src/main/java/eu/siacs/conversations/ui/EnterJidDialog.java index 39be7d987..98cc492dc 100644 --- a/src/main/java/eu/siacs/conversations/ui/EnterJidDialog.java +++ b/src/main/java/eu/siacs/conversations/ui/EnterJidDialog.java @@ -1,24 +1,20 @@ package eu.siacs.conversations.ui; import android.app.Activity; +import android.app.Dialog; import android.databinding.DataBindingUtil; +import android.os.Bundle; import android.support.annotation.NonNull; import android.support.v4.app.DialogFragment; -import android.os.Bundle; import android.support.v7.app.AlertDialog; -import android.app.Dialog; -import android.util.Log; -import android.view.KeyEvent; +import android.text.Editable; +import android.text.TextWatcher; import android.view.View; import android.widget.ArrayAdapter; -import android.widget.AutoCompleteTextView; -import android.widget.Spinner; -import android.widget.TextView; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collection; -import java.util.Collections; -import java.util.HashSet; import java.util.List; import eu.siacs.conversations.Config; @@ -29,7 +25,10 @@ import eu.siacs.conversations.ui.interfaces.OnBackendConnected; import eu.siacs.conversations.ui.util.DelayedHintHelper; import rocks.xmpp.addr.Jid; -public class EnterJidDialog extends DialogFragment implements OnBackendConnected { +public class EnterJidDialog extends DialogFragment implements OnBackendConnected, TextWatcher { + + + private static final List SUSPICIOUS_DOMAINS = Arrays.asList("conference","muc","room","rooms","chat"); private OnEnterJidDialogPositiveListener mListener = null; @@ -39,12 +38,21 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected private static final String ACCOUNT_KEY = "account"; private static final String ALLOW_EDIT_JID_KEY = "allow_edit_jid"; private static final String ACCOUNTS_LIST_KEY = "activated_accounts_list"; + private static final String SANITY_CHECK_JID = "sanity_check_jid"; private KnownHostsAdapter knownHostsAdapter; + private EnterJidDialogBinding binding; + private AlertDialog dialog; + private boolean sanityCheckJid = false; + + + private boolean issuedWarning = false; + public static EnterJidDialog newInstance(final List activatedAccounts, final String title, final String positiveButton, - final String prefilledJid, final String account, boolean allowEditJid) { + final String prefilledJid, final String account, + boolean allowEditJid, final boolean sanity_check_jid) { EnterJidDialog dialog = new EnterJidDialog(); Bundle bundle = new Bundle(); bundle.putString(TITLE_KEY, title); @@ -53,6 +61,7 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected bundle.putString(ACCOUNT_KEY, account); bundle.putBoolean(ALLOW_EDIT_JID_KEY, allowEditJid); bundle.putStringArrayList(ACCOUNTS_LIST_KEY, (ArrayList) activatedAccounts); + bundle.putBoolean(SANITY_CHECK_JID, sanity_check_jid); dialog.setArguments(bundle); return dialog; } @@ -77,9 +86,10 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected public Dialog onCreateDialog(Bundle savedInstanceState) { final AlertDialog.Builder builder = new AlertDialog.Builder(getActivity()); builder.setTitle(getArguments().getString(TITLE_KEY)); - EnterJidDialogBinding binding = DataBindingUtil.inflate(getActivity().getLayoutInflater(), R.layout.enter_jid_dialog, null, false); + binding = DataBindingUtil.inflate(getActivity().getLayoutInflater(), R.layout.enter_jid_dialog, null, false); this.knownHostsAdapter = new KnownHostsAdapter(getActivity(), R.layout.simple_list_item); binding.jid.setAdapter(this.knownHostsAdapter); + binding.jid.addTextChangedListener(this); String prefilledJid = getArguments().getString(PREFILLED_JID_KEY); if (prefilledJid != null) { binding.jid.append(prefilledJid); @@ -90,6 +100,7 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected binding.jid.setCursorVisible(false); } } + sanityCheckJid = getArguments().getBoolean(SANITY_CHECK_JID, false); DelayedHintHelper.setHint(R.string.account_settings_example_jabber_id, binding.jid); @@ -110,14 +121,14 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected builder.setView(binding.getRoot()); builder.setNegativeButton(R.string.cancel, null); builder.setPositiveButton(getArguments().getString(POSITIVE_BUTTON_KEY), null); - AlertDialog dialog = builder.create(); + this.dialog = builder.create(); View.OnClickListener dialogOnClick = v -> { - handleEnter(binding, account, dialog); + handleEnter(binding, account); }; binding.jid.setOnEditorActionListener((v, actionId, event) -> { - handleEnter(binding, account, dialog); + handleEnter(binding, account); return true; }); @@ -126,7 +137,7 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected return dialog; } - private void handleEnter(EnterJidDialogBinding binding, String account, Dialog dialog) { + private void handleEnter(EnterJidDialogBinding binding, String account) { final Jid accountJid; if (!binding.account.isEnabled() && account == null) { return; @@ -148,6 +159,21 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected return; } + if (!issuedWarning && sanityCheckJid) { + if (contactJid.isDomainJid()) { + binding.jid.setError(getActivity().getString(R.string.this_looks_like_a_domain)); + dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add_anway); + issuedWarning = true; + return; + } + if (suspiciousSubDomain(contactJid.getDomain())) { + binding.jid.setError(getActivity().getString(R.string.this_looks_like_channel)); + dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add_anway); + issuedWarning = true; + return; + } + } + if (mListener != null) { try { if (mListener.onEnterJidDialogPositive(accountJid, contactJid)) { @@ -176,6 +202,24 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected } } + @Override + public void beforeTextChanged(CharSequence s, int start, int count, int after) { + + } + + @Override + public void onTextChanged(CharSequence s, int start, int before, int count) { + + } + + @Override + public void afterTextChanged(Editable s) { + if (issuedWarning) { + dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add); + issuedWarning = false; + } + } + public interface OnEnterJidDialogPositiveListener { boolean onEnterJidDialogPositive(Jid account, Jid contact) throws EnterJidDialog.JidError; } @@ -200,4 +244,9 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected } super.onDestroyView(); } + + private static boolean suspiciousSubDomain(String domain) { + final String[] parts = domain.split("\\."); + return parts.length >= 3 && SUSPICIOUS_DOMAINS.contains(parts[0]); + } } diff --git a/src/main/java/eu/siacs/conversations/ui/StartConversationActivity.java b/src/main/java/eu/siacs/conversations/ui/StartConversationActivity.java index 91c5302d2..a05c707c9 100644 --- a/src/main/java/eu/siacs/conversations/ui/StartConversationActivity.java +++ b/src/main/java/eu/siacs/conversations/ui/StartConversationActivity.java @@ -495,7 +495,8 @@ public class StartConversationActivity extends XmppActivity implements XmppConne getString(R.string.add), prefilledJid, null, - invite == null || !invite.hasFingerprints() + invite == null || !invite.hasFingerprints(), + true ); dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> { diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml index 355b2801e..71368976c 100644 --- a/src/main/res/values/strings.xml +++ b/src/main/res/values/strings.xml @@ -863,4 +863,7 @@ I already have an account Add existing account Register new account + This looks like a domain address + Add anyway + This looks like a channel address