Do not insert text shared over XMPP uri when already drafting message

XMPP uris in the style of `xmpp:test@domain.tld?body=Something` can be used to
directly share a message with a specific contact. Previously the text was
always appended to the message currently in draft. The message was never send
automatically. Essentially those links where treated like normal text share
intents (for example when sharing a URL from the browser) but without the
contact selection.

There is a concern (CVE-2018-18467) that when this URI is invoked automatically
and the user is currently drafting a long message to that particular contact
the text could be inserted in the draft field (input box) without the user
noticing.

To circumvent that the text shared over XMPP uris that contain a particular
contact is now appended only if the draft box is currently empty.

Sharing text normally (**with** manual contact selection) is still treated the
same; meaning the shared text will be appended to the current draft. This is
intended behaviour to make the
'Hey I have this cool link here;' *open browser*, *share link* - secenario
work.

1 files changed, 12 insertions, 5 deletions

diff --git a/src/main/java/de/pixart/messenger/ui/XmppActivity.java b/src/main/java/de/pixart/messenger/ui/XmppActivity.java
index 929d1566b..dcf3afed4 100644
--- a/src/main/java/de/pixart/messenger/ui/XmppActivity.java
+++ b/src/main/java/de/pixart/messenger/ui/XmppActivity.java
@@ -451,22 +451,26 @@ public abstract class XmppActivity extends ActionBarActivity {
     }
 
     public void switchToConversationAndQuote(Conversation conversation, String text) {
-        switchToConversation(conversation, text, true, null, false);
+        switchToConversation(conversation, text, true, null, false, false);
     }
 
     public void switchToConversation(Conversation conversation, String text) {
-        switchToConversation(conversation, text, false, null, false);
+        switchToConversation(conversation, text, false, null, false, false);
+    }
+
+    public void switchToConversationDoNotAppend(Conversation conversation, String text) {
+        switchToConversation(conversation, text, false, null, false, true);
     }
 
     public void highlightInMuc(Conversation conversation, String nick) {
-        switchToConversation(conversation, null, false, nick, false);
+        switchToConversation(conversation, null, false, nick, false, false);
     }
 
     public void privateMsgInMuc(Conversation conversation, String nick) {
-        switchToConversation(conversation, null, false, nick, true);
+        switchToConversation(conversation, null, false, nick, true, false);
     }
 
-    private void switchToConversation(Conversation conversation, String text, boolean asQuote, String nick, boolean pm) {
+    private void switchToConversation(Conversation conversation, String text, boolean asQuote, String nick, boolean pm, boolean doNotAppend) {
         Intent intent = new Intent(this, ConversationsActivity.class);
         intent.setAction(ConversationsActivity.ACTION_VIEW_CONVERSATION);
         intent.putExtra(ConversationsActivity.EXTRA_CONVERSATION, conversation.getUuid());
@@ -480,6 +484,9 @@ public abstract class XmppActivity extends ActionBarActivity {
             intent.putExtra(ConversationsActivity.EXTRA_NICK, nick);
             intent.putExtra(ConversationsActivity.EXTRA_IS_PRIVATE_MESSAGE, pm);
         }
+        if (doNotAppend) {
+            intent.putExtra(ConversationsActivity.EXTRA_DO_NOT_APPEND, true);
+        }
         intent.setFlags(intent.getFlags() | Intent.FLAG_ACTIVITY_CLEAR_TOP);
         startActivity(intent);
         overridePendingTransition(R.animator.fade_in, R.animator.fade_out);