[wallet] Fix HTTP URIs and error handling

Previously, we would crash for certain URIs. Cleartext comms only allowed for localhost.
author: Torsten Grote <t@grobox.de> 2024-01-02 10:46:30 -0300
committer: Torsten Grote <t@grobox.de> 2024-01-02 10:46:30 -0300
commit: 4d23c920fdc1a3eb0869f32a2faff4debbc653a4 (patch)
tree: 160506e353eba9af307cdddd2c0d584d839135d6
parent: 35527f90cbcf286c76aa2b9f7634badd8844cb57 (diff)
download: taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.tar.gz
taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.tar.bz2
taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.zip
4 files changed, 20 insertions, 6 deletions
diff --git a/wallet/src/main/AndroidManifest.xml b/wallet/src/main/AndroidManifest.xml
index 7f8eb52..b8c05c6 100644
--- a/wallet/src/main/AndroidManifest.xml
+++ b/wallet/src/main/AndroidManifest.xml
@@ -40,6 +40,7 @@
         android:fullBackupContent="@xml/backup_descriptor"
         android:icon="@mipmap/ic_launcher"
         android:label="@string/app_name"
+        android:networkSecurityConfig="@xml/network_security_config"
         android:roundIcon="@mipmap/ic_launcher_round"
         android:supportsRtl="true"
         android:theme="@style/AppTheme"
diff --git a/wallet/src/main/java/net/taler/wallet/MainActivity.kt b/wallet/src/main/java/net/taler/wallet/MainActivity.kt
index 4cbd738..16f0efa 100644
--- a/wallet/src/main/java/net/taler/wallet/MainActivity.kt
+++ b/wallet/src/main/java/net/taler/wallet/MainActivity.kt
@@ -66,10 +66,10 @@ import net.taler.wallet.HostCardEmulatorService.Companion.MERCHANT_NFC_DISCONNEC
 import net.taler.wallet.HostCardEmulatorService.Companion.TRIGGER_PAYMENT_ACTION
 import net.taler.wallet.databinding.ActivityMainBinding
 import net.taler.wallet.refund.RefundStatus
+import java.io.IOException
 import java.net.HttpURLConnection
 import java.net.URL
 import java.util.Locale.ROOT
-import javax.net.ssl.HttpsURLConnection
 
 class MainActivity : AppCompatActivity(), OnNavigationItemSelectedListener,
     OnPreferenceStartFragmentCallback {
@@ -186,13 +186,18 @@ class MainActivity : AppCompatActivity(), OnNavigationItemSelectedListener,
 
         if (scheme == "http" || scheme == "https") {
             model.viewModelScope.launch(Dispatchers.IO) {
-                val conn: HttpsURLConnection =
-                    URL(uri.toString()).openConnection() as HttpsURLConnection
+                val conn = URL(uri.toString()).openConnection() as HttpURLConnection
                 Log.v(TAG, "prepare query: $uri")
                 conn.setRequestProperty("Accept", "text/html")
                 conn.connectTimeout = 5000
                 conn.requestMethod = "HEAD"
-                conn.connect()
+                try {
+                    conn.connect()
+                } catch (e: IOException) {
+                    Log.e(TAG, "Error connecting to $uri ", e)
+                    showError(R.string.error_broken_uri, "$uri")
+                    return@launch
+                }
                 val status = conn.responseCode
 
                 if (status == HttpURLConnection.HTTP_OK || status == HttpURLConnection.HTTP_PAYMENT_REQUIRED) {
@@ -202,8 +207,7 @@ class MainActivity : AppCompatActivity(), OnNavigationItemSelectedListener,
                         val talerHeaderUri = Uri.parse(talerHeader[0])
                         getTalerAction(talerHeaderUri, 0, actionFound)
                     }
-                }
-                if (status == HttpURLConnection.HTTP_MOVED_TEMP
+                } else if (status == HttpURLConnection.HTTP_MOVED_TEMP
                     || status == HttpURLConnection.HTTP_MOVED_PERM
                     || status == HttpURLConnection.HTTP_SEE_OTHER
                 ) {
@@ -213,6 +217,8 @@ class MainActivity : AppCompatActivity(), OnNavigationItemSelectedListener,
                         val locUri = Uri.parse(location[0])
                         getTalerAction(locUri, maxRedirects - 1, actionFound)
                     }
+                } else {
+                    showError(R.string.error_broken_uri, "$uri")
                 }
             }
         } else {
diff --git a/wallet/src/main/res/values/strings.xml b/wallet/src/main/res/values/strings.xml
index 09feee6..058c30b 100644
--- a/wallet/src/main/res/values/strings.xml
+++ b/wallet/src/main/res/values/strings.xml
@@ -65,6 +65,7 @@ GNU Taler is immune against many types of fraud, such as phishing of credit card
     <string name="offline">Operation requires internet access. Please ensure your internet connection works and try again.</string>
     <string name="offline_banner">No internet access</string>
     <string name="error_unsupported_uri">Error: This Taler URI is not supported.</string>
+    <string name="error_broken_uri">Error: This Taler URI is (currently) not working.</string>
 
     <string name="menu_settings">Settings</string>
     <string name="menu_retry_pending_operations">Retry Pending Operations</string>
diff --git a/wallet/src/main/res/xml/network_security_config.xml b/wallet/src/main/res/xml/network_security_config.xml
new file mode 100644
index 0000000..de61259
--- /dev/null
+++ b/wallet/src/main/res/xml/network_security_config.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<network-security-config>
+    <domain-config cleartextTrafficPermitted="true">
+        <domain includeSubdomains="true">localhost</domain>
+    </domain-config>
+</network-security-config>
author	Torsten Grote <t@grobox.de>	2024-01-02 10:46:30 -0300
committer	Torsten Grote <t@grobox.de>	2024-01-02 10:46:30 -0300
commit	4d23c920fdc1a3eb0869f32a2faff4debbc653a4 (patch)
tree	160506e353eba9af307cdddd2c0d584d839135d6
parent	35527f90cbcf286c76aa2b9f7634badd8844cb57 (diff)
download	taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.tar.gz taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.tar.bz2 taler-android-4d23c920fdc1a3eb0869f32a2faff4debbc653a4.zip