From d001de09e1ced4446286e33e868b105b46c1700e Mon Sep 17 00:00:00 2001
From: Paul Miller <paulmiller@google.com>
Date: Mon, 6 Apr 2015 11:58:00 -0700
Subject: Forbid javascript- and file-scheme intents

BUG:13082135
BUG:19296779
Change-Id: Ifea908b175670fbce65205797b93e87adf25bb3d
---
 src/com/android/browser/Tab.java | 26 +-------------------------
 1 file changed, 1 insertion(+), 25 deletions(-)

(limited to 'src/com/android/browser/Tab.java')

diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index dc1944e35..a4d2ce01a 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -74,9 +74,7 @@ import com.android.browser.TabControl.OnThumbnailUpdatedListener;
 import com.android.browser.homepages.HomeProvider;
 import com.android.browser.provider.SnapshotProvider.Snapshots;
 
-import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
-import java.io.File;
 import java.io.IOException;
 import java.io.OutputStream;
 import java.nio.ByteBuffer;
@@ -105,8 +103,6 @@ class Tab implements PictureListener {
     private static final int CAPTURE_DELAY = 100;
     private static final int INITIAL_PROGRESS = 5;
 
-    private static final String RESTRICTED = "<html><body>not allowed</body></html>";
-
     private static Bitmap sDefaultFavicon;
 
     private static Paint sAlphaPaint = new Paint();
@@ -609,27 +605,7 @@ class Tab implements PictureListener {
         @Override
         public WebResourceResponse shouldInterceptRequest(WebView view,
                 String url) {
-            Uri uri = Uri.parse(url);
-            if (uri.getScheme().toLowerCase().equals("file")) {
-                File file = new File(uri.getPath());
-                try {
-                    if (file.getCanonicalPath().startsWith(
-                            mContext.getApplicationContext().getApplicationInfo().dataDir)) {
-                        return new WebResourceResponse("text/html","UTF-8",
-                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
-                    }
-                } catch (Exception ex) {
-                    Log.e(LOGTAG, "Bad canonical path" + ex.toString());
-                    try {
-                        return new WebResourceResponse("text/html","UTF-8",
-                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
-                    } catch (java.io.UnsupportedEncodingException e) {
-                    }
-                }
-            }
-            WebResourceResponse res = HomeProvider.shouldInterceptRequest(
-                    mContext, url);
-            return res;
+            return HomeProvider.shouldInterceptRequest(mContext, url);
         }
 
         @Override
-- 
cgit v1.2.3