add contact dialog: warn on suspicious addresses

author: Christian Schneppe <christian@pix-art.de> 2019-05-03 21:19:52 +0200
committer: Christian Schneppe <christian@pix-art.de> 2019-05-03 21:19:52 +0200
commit: 88a275a433c8115bf26f9fba1a8578a3bc865487 (patch)
tree: 1a075ac58923a0d1f5fff046bbf049b70afdd11a
parent: a129263860aca0f6b6a1dfec7f5439e7dcad17dd (diff)
5 files changed, 70 insertions, 10 deletions
diff --git a/src/main/java/de/pixart/messenger/ui/BlocklistActivity.java b/src/main/java/de/pixart/messenger/ui/BlocklistActivity.java
index b642909b0..49422583d 100644
--- a/src/main/java/de/pixart/messenger/ui/BlocklistActivity.java
+++ b/src/main/java/de/pixart/messenger/ui/BlocklistActivity.java
@@ -73,7 +73,8 @@ public class BlocklistActivity extends AbstractSearchableListItemActivity implem
                 null,
                 account.getJid().asBareJid().toString(),
                 true,
-                xmppConnectionService.multipleAccounts()
+                xmppConnectionService.multipleAccounts(),
+                false
         );
 
         dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> {
diff --git a/src/main/java/de/pixart/messenger/ui/ChooseContactActivity.java b/src/main/java/de/pixart/messenger/ui/ChooseContactActivity.java
index 593dd5645..6d407c326 100644
--- a/src/main/java/de/pixart/messenger/ui/ChooseContactActivity.java
+++ b/src/main/java/de/pixart/messenger/ui/ChooseContactActivity.java
@@ -312,7 +312,8 @@ public class ChooseContactActivity extends AbstractSearchableListItemActivity im
                 jid == null ? null : jid.asBareJid().toString(),
                 getIntent().getStringExtra(EXTRA_ACCOUNT),
                 true,
-                true
+                true,
+                false
         );
 
         dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> {
diff --git a/src/main/java/de/pixart/messenger/ui/EnterJidDialog.java b/src/main/java/de/pixart/messenger/ui/EnterJidDialog.java
index 02aa46277..5375c7373 100644
--- a/src/main/java/de/pixart/messenger/ui/EnterJidDialog.java
+++ b/src/main/java/de/pixart/messenger/ui/EnterJidDialog.java
@@ -7,10 +7,13 @@ import android.os.Bundle;
 import android.support.annotation.NonNull;
 import android.support.v4.app.DialogFragment;
 import android.support.v7.app.AlertDialog;
+import android.text.Editable;
+import android.text.TextWatcher;
 import android.view.View;
 import android.widget.ArrayAdapter;
 
 import java.util.ArrayList;
+import java.util.Arrays;
 import java.util.Collection;
 import java.util.List;
 
@@ -22,8 +25,9 @@ import de.pixart.messenger.ui.interfaces.OnBackendConnected;
 import de.pixart.messenger.ui.util.DelayedHintHelper;
 import rocks.xmpp.addr.Jid;
 
-public class EnterJidDialog extends DialogFragment implements OnBackendConnected {
+public class EnterJidDialog extends DialogFragment implements OnBackendConnected, TextWatcher {
 
+    private static final List<String> SUSPICIOUS_DOMAINS = Arrays.asList("conference", "muc", "room", "rooms", "chat");
     private static final String TITLE_KEY = "title";
     private static final String POSITIVE_BUTTON_KEY = "positive_button";
     private static final String PREFILLED_JID_KEY = "prefilled_jid";
@@ -31,13 +35,21 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
     private static final String ALLOW_EDIT_JID_KEY = "allow_edit_jid";
     private static final String MULTIPLE_ACCOUNTS = "multiple_accounts_enabled";
     private static final String ACCOUNTS_LIST_KEY = "activated_accounts_list";
+    private static final String SANITY_CHECK_JID = "sanity_check_jid";
+
     private OnEnterJidDialogPositiveListener mListener = null;
 
     private KnownHostsAdapter knownHostsAdapter;
 
+    private EnterJidDialogBinding binding;
+    private AlertDialog dialog;
+    private boolean sanityCheckJid = false;
+
+    private boolean issuedWarning = false;
+
     public static EnterJidDialog newInstance(final List<String> activatedAccounts,
                                              final String title, final String positiveButton,
-                                             final String prefilledJid, final String account, boolean allowEditJid, boolean multipleAccounts) {
+                                             final String prefilledJid, final String account, boolean allowEditJid, boolean multipleAccounts, final boolean sanity_check_jid) {
         EnterJidDialog dialog = new EnterJidDialog();
         Bundle bundle = new Bundle();
         bundle.putString(TITLE_KEY, title);
@@ -47,6 +59,7 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
         bundle.putBoolean(ALLOW_EDIT_JID_KEY, allowEditJid);
         bundle.putBoolean(MULTIPLE_ACCOUNTS, multipleAccounts);
         bundle.putStringArrayList(ACCOUNTS_LIST_KEY, (ArrayList<String>) activatedAccounts);
+        bundle.putBoolean(SANITY_CHECK_JID, sanity_check_jid);
         dialog.setArguments(bundle);
         return dialog;
     }
@@ -71,9 +84,10 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
     public Dialog onCreateDialog(Bundle savedInstanceState) {
         final AlertDialog.Builder builder = new AlertDialog.Builder(getActivity());
         builder.setTitle(getArguments().getString(TITLE_KEY));
-        EnterJidDialogBinding binding = DataBindingUtil.inflate(getActivity().getLayoutInflater(), R.layout.enter_jid_dialog, null, false);
+        binding = DataBindingUtil.inflate(getActivity().getLayoutInflater(), R.layout.enter_jid_dialog, null, false);
         this.knownHostsAdapter = new KnownHostsAdapter(getActivity(), R.layout.simple_list_item);
         binding.jid.setAdapter(this.knownHostsAdapter);
+        binding.jid.addTextChangedListener(this);
         String prefilledJid = getArguments().getString(PREFILLED_JID_KEY);
         if (prefilledJid != null) {
             binding.jid.append(prefilledJid);
@@ -85,6 +99,8 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
             }
         }
 
+        sanityCheckJid = getArguments().getBoolean(SANITY_CHECK_JID, false);
+
         DelayedHintHelper.setHint(R.string.account_settings_example_jabber_id, binding.jid);
 
         String account = getArguments().getString(ACCOUNT_KEY);
@@ -111,13 +127,13 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
         builder.setView(binding.getRoot());
         builder.setNegativeButton(R.string.cancel, null);
         builder.setPositiveButton(getArguments().getString(POSITIVE_BUTTON_KEY), null);
-        AlertDialog dialog = builder.create();
+        this.dialog = builder.create();
 
         View.OnClickListener dialogOnClick = v -> {
-            handleEnter(binding, account, dialog);
+            handleEnter(binding, account);
         };
         binding.jid.setOnEditorActionListener((v, actionId, event) -> {
-            handleEnter(binding, account, dialog);
+            handleEnter(binding, account);
             return true;
         });
 
@@ -126,7 +142,7 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
         return dialog;
     }
 
-    private void handleEnter(EnterJidDialogBinding binding, String account, Dialog dialog) {
+    private void handleEnter(EnterJidDialogBinding binding, String account) {
         final Jid accountJid;
         if (!binding.account.isEnabled() && account == null) {
             return;
@@ -148,6 +164,21 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
             return;
         }
 
+        if (!issuedWarning && sanityCheckJid) {
+            if (contactJid.isDomainJid()) {
+                binding.jid.setError(getActivity().getString(R.string.this_looks_like_a_domain));
+                dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add_anway);
+                issuedWarning = true;
+                return;
+            }
+            if (suspiciousSubDomain(contactJid.getDomain())) {
+                binding.jid.setError(getActivity().getString(R.string.this_looks_like_channel));
+                dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add_anway);
+                issuedWarning = true;
+                return;
+            }
+        }
+
         if (mListener != null) {
             try {
                 if (mListener.onEnterJidDialogPositive(accountJid, contactJid)) {
@@ -159,6 +190,24 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
         }
     }
 
+    @Override
+    public void beforeTextChanged(CharSequence s, int start, int count, int after) {
+
+    }
+
+    @Override
+    public void onTextChanged(CharSequence s, int start, int before, int count) {
+
+    }
+
+    @Override
+    public void afterTextChanged(Editable s) {
+        if (issuedWarning) {
+            dialog.getButton(AlertDialog.BUTTON_POSITIVE).setText(R.string.add);
+            issuedWarning = false;
+        }
+    }
+
     public void setOnEnterJidDialogPositiveListener(OnEnterJidDialogPositiveListener listener) {
         this.mListener = listener;
     }
@@ -200,4 +249,9 @@ public class EnterJidDialog extends DialogFragment implements OnBackendConnected
             return msg;
         }
     }
+
+    private static boolean suspiciousSubDomain(String domain) {
+        final String[] parts = domain.split("\\.");
+        return parts.length >= 3 && SUSPICIOUS_DOMAINS.contains(parts[0]);
+    }
 }
diff --git a/src/main/java/de/pixart/messenger/ui/StartConversationActivity.java b/src/main/java/de/pixart/messenger/ui/StartConversationActivity.java
index 75e7c2f52..1cf01283c 100644
--- a/src/main/java/de/pixart/messenger/ui/StartConversationActivity.java
+++ b/src/main/java/de/pixart/messenger/ui/StartConversationActivity.java
@@ -494,7 +494,8 @@ public class StartConversationActivity extends XmppActivity implements XmppConne
                 prefilledJid,
                 null,
                 invite == null || !invite.hasFingerprints(),
-                multiAccount
+                multiAccount,
+                true
         );
 
         dialog.setOnEnterJidDialogPositiveListener((accountJid, contactJid) -> {
diff --git a/src/main/res/values/strings.xml b/src/main/res/values/strings.xml
index 7b27130ea..027279364 100644
--- a/src/main/res/values/strings.xml
+++ b/src/main/res/values/strings.xml
@@ -910,4 +910,7 @@
     <string name="channel_discover_opt_in_message"><![CDATA[Channel discovery uses a third party service called <a href="https://search.jabbercat.org">search.jabbercat.org</a>.<br><br>Using this feature will transmit your IP address and search terms to that service. See their <a href="https://search.jabbercat.org/privacy">Privacy Policy</a> for more information.]]></string>
     <string name="action_add_existing_account">Add existing account</string>
     <string name="use_own_provider">Use own provider</string>
+    <string name="this_looks_like_a_domain">This looks like a domain address</string>
+    <string name="add_anway">Add anyway</string>
+    <string name="this_looks_like_channel">This looks like a channel address</string>
 </resources>
author	Christian Schneppe <christian@pix-art.de>	2019-05-03 21:19:52 +0200
committer	Christian Schneppe <christian@pix-art.de>	2019-05-03 21:19:52 +0200
commit	88a275a433c8115bf26f9fba1a8578a3bc865487 (patch)
tree	1a075ac58923a0d1f5fff046bbf049b70afdd11a
parent	a129263860aca0f6b6a1dfec7f5439e7dcad17dd (diff)