Skip to content

Block insecure connection on the WebView #6103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: feature/onboarding_set_security_level_migration
Choose a base branch
from
Open

Block insecure connection on the WebView #6103

wants to merge 6 commits into from
+1,067 −6

Conversation

@TimoPtr
Copy link
Member

@TimoPtr TimoPtr commented Nov 27, 2025
edited
Loading

Summary

Add a new screen on top of the WebViewActivity that prevents loading the URL if we are in an insecure state and the user picked the Most secured option. This screen change based on the current state and can display banner with button to help the user 'fix' the situation.

Checklist

  • New or updated tests have been added to cover the changes following the testing guidelines.
  • The code follows the project's code style and best_practices.
  • The changes have been thoroughly tested, and edge cases have been considered.
  • Changes are backward compatible whenever feasible. Any breaking changes are documented in the changelog for users and/or in the code for developers depending on the relevance.

Screenshots

image image image

Any other notes

The screen doesn't refresh on its own.

@github-actions
Copy link
Contributor

github-actions bot commented Nov 27, 2025
edited
Loading

Test Results

 89 files  + 2   89 suites  +2   7m 31s ⏱️ -15s
829 tests +43  805 ✅ +19  0 💤 ±0  24 ❌ +24 
842 runs  +43  818 ✅ +19  0 💤 ±0  24 ❌ +24 

For more details on these failures, see this check.

Results for commit fe0b2a9. ± Comparison against base commit bfecbf7.

♻️ This comment has been updated with latest results.

@TimoPtr TimoPtr mentioned this pull request Nov 27, 2025
Open
17 tasks
jpelgrom
jpelgrom reviewed Nov 27, 2025
View reviewed changes
...n/src/main/kotlin/io/homeassistant/companion/android/database/server/ServerConnectionInfo.kt
* @param url The URL being used for the connection
* @return [SecurityStatus.Secure] if the connection is secure, [SecurityStatus.Insecure] otherwise
*/
fun currentSecurityStatusForUrl(context: Context, url: String): SecurityStatus {
Copy link
Member

@jpelgrom jpelgrom Nov 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"for a given url" where you provide the url shouldn't exist when it is an extension function on the class that holds the URLs. It should not be an extension function here, determine the url to check automatically, or allow you to pass an enum for internal/external/cloud.

Copy link
Member

@jpelgrom jpelgrom Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You sent me a DM on Discord about creating a new UrlHelper class for this one. Feel free to experiment but please comment here once you decided whether to introduce that or keep this.

jpelgrom
jpelgrom reviewed Nov 30, 2025
View reviewed changes
app/src/main/kotlin/io/homeassistant/companion/android/webview/insecure/BlockInsecureScreen.kt Outdated
modifier = Modifier
.padding(all = 20.dp)
.size(120.dp),
imageVector = Icons.Default.Lock,
Copy link
Member

@jpelgrom jpelgrom Nov 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We had some discussions about this on Discord. My vote is for mdi:lock-open-alert as you're talking about http(s) in the screen and users have been trained for open lock = http, closed lock = https in web browsers, so showing a closed lock because they are using http feels wrong.

app/src/main/kotlin/io/homeassistant/companion/android/webview/WebViewActivity.kt Outdated
Comment on lines 1434 to 1436
val allowInsecureConnection = serverManager.integrationRepository(
presenter.getActiveServer(),
).getAllowInsecureConnection()
Copy link
Member

@jpelgrom jpelgrom Nov 30, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should be exposed via the presenter instead, the activity should try to avoid using repositories directly

Copy link
Member Author

@TimoPtr TimoPtr Dec 1, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had the same feelings but we are already calling getServer removeServer that we shouldn't.
I'm going to move this to the presenter in any case.

@TimoPtr TimoPtr force-pushed the feature/onboarding_set_security_level_migration branch from bf162f7 to 91753f8 Compare December 1, 2025 09:00
@TimoPtr TimoPtr force-pushed the feature/block_insecure_connection branch from 423e8ff to 7919d50 Compare December 1, 2025 09:00
@TimoPtr TimoPtr force-pushed the feature/block_insecure_connection branch from 7919d50 to fe0b2a9 Compare December 1, 2025 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jpelgrom jpelgrom jpelgrom left review comments

Assignees

No one assigned

Labels

cla-signed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@TimoPtr @jpelgrom