Bug 1922357 - disallow the fido: URI scheme. a=dmeehan

Original Revision: https://phabricator.services.mozilla.com/D237313

Differential Revision: https://phabricator.services.mozilla.com/D238681

mobile/android/android-components/components/browser/engine-gecko/src/main/java/mozilla/components/browser/engine/gecko/GeckoEngineSession.kt

@@ -1818,7 +1818,7 @@ class GeckoEngineSession(
         internal const val ABOUT_BLANK = "about:blank"
         internal const val JS_SCHEME = "javascript"
         internal val BLOCKED_SCHEMES =
-            listOf("file", "resource", JS_SCHEME) // See 1684761 and 1684947
+            listOf("file", "resource", "fido", JS_SCHEME) // See 1684761 and 1684947
 
         /**
          * Provides an ErrorType corresponding to the error code provided.

mobile/android/android-components/components/browser/engine-gecko/src/test/java/mozilla/components/browser/engine/gecko/GeckoEngineSessionTest.kt

@@ -631,6 +631,11 @@ class GeckoEngineSessionTest {
         engineSession.loadUrl("RESOURCE://package/test.text")
         verify(geckoSession, never()).load(GeckoSession.Loader().uri("resource://package/test.text"))
         verify(geckoSession, never()).load(GeckoSession.Loader().uri("RESOURCE://package/test.text"))
+
+        engineSession.loadUrl("fido:/12345678")
+        engineSession.loadUrl("FIDO:/12345678")
+        verify(geckoSession, never()).load(GeckoSession.Loader().uri("fido:/12345678"))
+        verify(geckoSession, never()).load(GeckoSession.Loader().uri("FIDO:/12345678"))
     }
 
     @Test

mobile/android/android-components/components/feature/app-links/src/main/java/mozilla/components/feature/app/links/AppLinksUseCases.kt

@@ -313,6 +313,7 @@ class AppLinksUseCases(
             "https", "moz-extension", "moz-safe-about", "resource", "view-source", "ws", "wss", "blob",
         )
 
-        internal val ALWAYS_DENY_SCHEMES: Set<String> = setOf("jar", "file", "javascript", "data", "about", "content")
+        internal val ALWAYS_DENY_SCHEMES: Set<String> =
+            setOf("jar", "file", "javascript", "data", "about", "content", "fido")
     }
 }

mobile/android/android-components/components/feature/app-links/src/test/java/mozilla/components/feature/app/links/AppLinksUseCasesTest.kt

@@ -47,6 +47,7 @@ class AppLinksUseCasesTest {
     private val javascriptUrl = "javascript:'hello, world'"
     private val jarUrl = "jar:file://some/path/test.html"
     private val contentUrl = "content://media/external_primary/downloads/12345"
+    private val fidoPath = "fido:12345678"
     private val fileType = "audio/mpeg"
     private val layerUrl = "https://example.com"
     private val layerPackage = "com.example.app"
@@ -215,6 +216,15 @@ class AppLinksUseCasesTest {
         assertFalse(redirect.isRedirect())
     }
 
+    @Test
+    fun `A fido url is not an app link`() {
+        val context = createContext(Triple(fidoPath, appPackage, ""))
+        val subject = AppLinksUseCases(context, { true })
+
+        val redirect = subject.interceptedAppLinkRedirect(fidoPath)
+        assertFalse(redirect.isRedirect())
+    }
+
     @Test
     fun `Will not redirect app link if browser option set to false and scheme is supported`() {
         val context = createContext(Triple(appUrl, appPackage, ""))

mobile/android/geckoview/src/main/java/org/mozilla/gecko/util/IntentUtils.java

@@ -76,6 +76,10 @@ public class IntentUtils {
       return getSafeIntent(aUri) != null;
     }
 
+    if ("fido".equals(scheme)) {
+      return false;
+    }
+
     return true;
   }
 

mobile/android/geckoview/src/test/java/org/mozilla/gecko/util/IntentUtilsTest.java

@@ -63,4 +63,10 @@ public class IntentUtilsTest {
     final String uri = "intent:non_scheme_intent#Intent;end";
     assertTrue(IntentUtils.isUriSafeForScheme(uri));
   }
+
+  @Test
+  public void unsafeFidoUri() {
+    final String uri = "fido:/12345678";
+    assertFalse(IntentUtils.isUriSafeForScheme(uri));
+  }
 }