Merge "Revert "Restrict "javascript" and "file" scheme intents""

author: Paul Miller <paulmiller@google.com> 2015-04-06 18:18:36 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> 2015-04-06 18:18:37 +0000
commit: dc9c958256a66c333c1048ad21f1de8c1c0cdad3 (patch)
tree: e9f3b3af25152d73be2a389e480b623569291d31 /src/com/android/browser/Tab.java
parent: b1da6cff83eab4f707456fbdb0d64f28d26c4889 (diff)
parent: 3fa0e8adb2faf92b1529d0ac39ea16b5adc3d3b4 (diff)
download: packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.tar.gz
packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.tar.bz2
packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.zip
1 files changed, 25 insertions, 1 deletions
diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index a4d2ce01a..dc1944e35 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -74,7 +74,9 @@ import com.android.browser.TabControl.OnThumbnailUpdatedListener;
 import com.android.browser.homepages.HomeProvider;
 import com.android.browser.provider.SnapshotProvider.Snapshots;
 
+import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
+import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.ByteBuffer;
@@ -103,6 +105,8 @@ class Tab implements PictureListener {
     private static final int CAPTURE_DELAY = 100;
     private static final int INITIAL_PROGRESS = 5;
 
+    private static final String RESTRICTED = "<html><body>not allowed</body></html>";
+
     private static Bitmap sDefaultFavicon;
 
     private static Paint sAlphaPaint = new Paint();
@@ -605,7 +609,27 @@ class Tab implements PictureListener {
         @Override
         public WebResourceResponse shouldInterceptRequest(WebView view,
                 String url) {
-            return HomeProvider.shouldInterceptRequest(mContext, url);
+            Uri uri = Uri.parse(url);
+            if (uri.getScheme().toLowerCase().equals("file")) {
+                File file = new File(uri.getPath());
+                try {
+                    if (file.getCanonicalPath().startsWith(
+                            mContext.getApplicationContext().getApplicationInfo().dataDir)) {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    }
+                } catch (Exception ex) {
+                    Log.e(LOGTAG, "Bad canonical path" + ex.toString());
+                    try {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    } catch (java.io.UnsupportedEncodingException e) {
+                    }
+                }
+            }
+            WebResourceResponse res = HomeProvider.shouldInterceptRequest(
+                    mContext, url);
+            return res;
         }
 
         @Override
author	Paul Miller <paulmiller@google.com>	2015-04-06 18:18:36 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	2015-04-06 18:18:37 +0000
commit	dc9c958256a66c333c1048ad21f1de8c1c0cdad3 (patch)
tree	e9f3b3af25152d73be2a389e480b623569291d31 /src/com/android/browser/Tab.java
parent	b1da6cff83eab4f707456fbdb0d64f28d26c4889 (diff)
parent	3fa0e8adb2faf92b1529d0ac39ea16b5adc3d3b4 (diff)
download	packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.tar.gz packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.tar.bz2 packages_apps_Browser-dc9c958256a66c333c1048ad21f1de8c1c0cdad3.zip