Unable to restrict AOSP Browser (com.android.browser)

Question

Unable to restrict AOSP Browser (com.android.browser)

an0n981 opened this issue 10 years ago · 5 comments

Denying Internet/Connect or View/loadURL (onDemand or permanently) has no effect, all pages are able to load, although the usage data shows as denied. AOSP browser does not use any native libraries.

Log, restrictions, screen shots:
https://mega.co.nz/#!clYDgbCa!c6RSqviqK3lm3FWQSEgqV_aWKy-1qZnBXVquGgu5EU0

Answer 1 · 2014-05-26T05:23:33.000Z

Stock browser = Chrome?
Does the browser share its uid with other system components?

I am afraid Google is connecting to the internet in a non-standard way, by doing direct sysyem call. This will probably end up in the limitations section.

Answer 2 · 2014-05-26T06:11:21.000Z

Not Chrome, the open source stock AOSP browser, the one that used to be standard before Google started pushing Chrome. It is still standard on ROMs that don't have the proprietary GAPPS installed.
It does not share its UID.

Answer 3 · 2014-05-26T13:15:10.000Z

As far as I can tell this happens with dolphin browser as well. I wrote about it a couple of weeks ago on XDA post # 9282.
internet/connect is generally ignored except for file downloading. shell category fully restricted. view/url restricted.

Answer 4 · 2014-05-27T11:29:28.000Z

05-25 20:46:35.034 W/XPrivacy(2694): On demand 10071/loadUrl(http://www.xprivacy.eu/) view=!restricted?
05-25 20:46:35.034 W/XPrivacy(2694): On demanding 10071/loadUrl(http://www.xprivacy.eu/) view=!restricted?
05-25 20:46:37.404 W/XPrivacy(2694): Blacklisting 10071/loadUrl(http://www.xprivacy.eu/) view=!restricted? xextra=null
05-25 20:46:37.434 W/XPrivacy(2694): Clearing cache for 10071/android.intent.action.VIEW(null) view=!restricted?
05-25 20:46:37.439 W/XPrivacy(2694): Clearing cache for 10071/loadUrl(null) view=!restricted?
05-25 20:46:37.444 W/XPrivacy(2694): Removing 10071:view/loadUrl(http://www.xprivacy.eu/)=true/false
05-25 20:46:37.444 I/XPrivacy(2694): get service 10071/loadUrl(http://www.xprivacy.eu/) view=!restricted? 2421 ms
05-25 20:46:37.449 I/XPrivacy/XWebView(7310): get client 10071/loadUrl(http://www.xprivacy.eu/) view=restricted 2424 ms
05-25 20:46:37.449 I/XPrivacy/XWebSettings(7310): get client 10071/setUserAgentString(null) view=!restricted (cached) 0 ms

loadUrl is successfully restricted on the client side (browser). No other restrictions are hit soon thereafter, so the stock browser is probably using some (hidden) system service or another system component to load the page.

Answer 5 · 2014-10-17T07:39:26.000Z

There is another limitation:

"You can't set the user-agent string used for XMLHttpRequests made from JavaScript. Those requests always use the default user-agent string."
https://developer.chrome.com/multidevice/webview/overview