Make browser bookmarks permissions part of the public API.
diff --git a/api/current.xml b/api/current.xml
index c20d91b..b28780c 100644
--- a/api/current.xml
+++ b/api/current.xml
@@ -683,6 +683,17 @@
visibility="public"
>
</field>
+<field name="READ_HISTORY_BOOKMARKS"
+ type="java.lang.String"
+ transient="false"
+ volatile="false"
+ value=""android.permission.READ_HISTORY_BOOKMARKS""
+ static="true"
+ final="true"
+ deprecated="not deprecated"
+ visibility="public"
+>
+</field>
<field name="READ_INPUT_STATE"
type="java.lang.String"
transient="false"
@@ -1134,6 +1145,17 @@
visibility="public"
>
</field>
+<field name="WRITE_HISTORY_BOOKMARKS"
+ type="java.lang.String"
+ transient="false"
+ volatile="false"
+ value=""android.permission.WRITE_HISTORY_BOOKMARKS""
+ static="true"
+ final="true"
+ deprecated="not deprecated"
+ visibility="public"
+>
+</field>
<field name="WRITE_OWNER_DATA"
type="java.lang.String"
transient="false"
diff --git a/core/java/android/provider/Browser.java b/core/java/android/provider/Browser.java
index 9c8c537d..789fdff 100644
--- a/core/java/android/provider/Browser.java
+++ b/core/java/android/provider/Browser.java
@@ -168,6 +168,7 @@
/**
* Return a cursor pointing to a list of all the bookmarks.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
*/
public static final Cursor getAllBookmarks(ContentResolver cr) throws
@@ -179,6 +180,7 @@
/**
* Return a cursor pointing to a list of all visited site urls.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
*/
public static final Cursor getAllVisitedUrls(ContentResolver cr) throws
@@ -190,6 +192,8 @@
/**
* Update the visited history to acknowledge that a site has been
* visited.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param url The site being visited.
* @param real Whether this is an actual visit, and should be added to the
@@ -239,6 +243,8 @@
* of them. This is used to keep our history table to a
* reasonable size. Note: it does not prune bookmarks. If the
* user wants 1000 bookmarks, the user gets 1000 bookmarks.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
*
* @param cr The ContentResolver used to access the database.
*/
@@ -272,6 +278,7 @@
/**
* Returns whether there is any history to clear.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @return boolean True if the history can be cleared.
*/
@@ -297,6 +304,7 @@
/**
* Delete all entries from the bookmarks/history table which are
* not bookmarks. Also set all visited bookmarks to unvisited.
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
*/
public static final void clearHistory(ContentResolver cr) {
@@ -306,6 +314,8 @@
/**
* Helper function to delete all history items and revert all
* bookmarks to zero visits which meet the criteria provided.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param whereClause String to limit the items affected.
* null means all items.
@@ -368,6 +378,7 @@
/**
* Delete all history items from begin to end.
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param begin First date to remove. If -1, all dates before end.
* Inclusive.
@@ -395,6 +406,7 @@
/**
* Remove a specific url from the history database.
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param url url to remove.
*/
@@ -408,6 +420,8 @@
/**
* Add a search string to the searches database.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param search The string to add to the searches database.
*/
@@ -437,6 +451,7 @@
}
/**
* Remove all searches from the search database.
+ * Requires {@link android.Manifest.permission#WRITE_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
*/
public static final void clearSearches(ContentResolver cr) {
@@ -451,6 +466,7 @@
/**
* Request all icons from the database.
+ * Requires {@link android.Manifest.permission#READ_HISTORY_BOOKMARKS}
* @param cr The ContentResolver used to access the database.
* @param where Clause to be used to limit the query from the database.
* Must be an allowable string to be passed into a database query.
diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml
index 7542775..df6151d 100644
--- a/core/res/AndroidManifest.xml
+++ b/core/res/AndroidManifest.xml
@@ -175,6 +175,22 @@
android:label="@string/permlab_writeDictionary"
android:description="@string/permdesc_writeDictionary" />
+ <!-- Allows an application to read (but not write) the user's
+ browsing history and bookmarks. -->
+ <permission android:name="android.permission.READ_HISTORY_BOOKMARKS"
+ android:permissionGroup="android.permission-group.PERSONAL_INFO"
+ android:label="@string/permlab_readHistoryBookmarks"
+ android:description="@string/permdesc_readHistoryBookmarks"
+ android:protectionLevel="dangerous" />
+
+ <!-- Allows an application to write (but not read) the user's
+ browsing history and bookmarks. -->
+ <permission android:name="android.permission.WRITE_HISTORY_BOOKMARKS"
+ android:permissionGroup="android.permission-group.PERSONAL_INFO"
+ android:label="@string/permlab_writeHistoryBookmarks"
+ android:description="@string/permdesc_writeHistoryBookmarks"
+ android:protectionLevel="dangerous" />
+
<!-- ======================================= -->
<!-- Permissions for accessing location info -->
<!-- ======================================= -->
diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml
index 72bdc3a..f742ab7 100644
--- a/core/res/res/values/strings.xml
+++ b/core/res/res/values/strings.xml
@@ -1333,7 +1333,23 @@
<!-- Title of the WebView save password dialog. If the user enters a password in a form on a website, a dialog will come up asking if they want to save the password. -->
<string name="save_password_label">Confirm</string>
-
+
+ <!-- Title of an application permission, listed so the user can choose whether
+ they want to allow the application to do this. -->
+ <string name="permlab_readHistoryBookmarks">read Browser\'s history and bookmarks</string>
+ <!-- Description of an application permission, listed so the user can choose whether
+ they want to allow the application to do this. -->
+ <string name="permdesc_readHistoryBookmarks">Allows the application to read all
+ the URLs that the Browser has visited, and all of the Browser\'s bookmarks.</string>
+ <!-- Title of an application permission, listed so the user can choose whether
+ they want to allow the application to do this. -->
+ <string name="permlab_writeHistoryBookmarks">write Browser\'s history and bookmarks</string>
+ <!-- Description of an application permission, listed so the user can choose whether
+ they want to allow the application to do this. -->
+ <string name="permdesc_writeHistoryBookmarks">Allows an application to modify the
+ Browser\'s history or bookmarks stored on your phone. Malicious applications
+ can use this to erase or modify your Browser\'s data.</string>
+
<!-- If the user enters a password in a form on a website, a dialog will come up asking if they want to save the password. Text in the save password dialog, asking if the browser should remember a password. -->
<string name="save_password_message">Do you want the browser to remember this password?</string>
<!-- If the user enters a password in a form on a website, a dialog will come up asking if they want to save the password. Button in the save password dialog, saying not to remember this password. -->
