diff options
author | Steve Block <steveblock@google.com> | 2012-04-23 18:08:06 +0100 |
---|---|---|
committer | Steve Block <steveblock@google.com> | 2012-04-26 23:25:29 +0100 |
commit | ef163150805625a148a9715eff6693277f79dcef (patch) | |
tree | 45544bfdcd61e10faef0369ad7413c48ed6c1742 /core/java/android/webkit/WebSettings.java | |
parent | 2be1523ba9ee102dc0a2f825f6512fed2929a232 (diff) | |
download | frameworks_base-ef163150805625a148a9715eff6693277f79dcef.zip frameworks_base-ef163150805625a148a9715eff6693277f79dcef.tar.gz frameworks_base-ef163150805625a148a9715eff6693277f79dcef.tar.bz2 |
Tweak JavaDoc for WebSettings.setAllowUniversalAccessFromFileURLs() and setAllowFileAccessFromFileURLs()
Bug: 6212665
Change-Id: Ifc5c83cfee7cf63edbe2c65c55617eb01ea9eced
Diffstat (limited to 'core/java/android/webkit/WebSettings.java')
-rw-r--r-- | core/java/android/webkit/WebSettings.java | 55 |
1 files changed, 34 insertions, 21 deletions
diff --git a/core/java/android/webkit/WebSettings.java b/core/java/android/webkit/WebSettings.java index 901372b..fa3cb20 100644 --- a/core/java/android/webkit/WebSettings.java +++ b/core/java/android/webkit/WebSettings.java @@ -848,25 +848,37 @@ public abstract class WebSettings { } /** - * Configures scripting (such as XmlHttpRequest) access from file scheme URLs - * to any origin. Note, calling this method with a true argument value also - * implies calling setAllowFileAccessFromFileURLs with a true. The default - * value is false for API level {@link android.os.Build.VERSION_CODES#JELLY_BEAN} - * and higher and true otherwise. + * Sets whether JavaScript running in the context of a file scheme URL + * should be allowed to access content from any origin. This includes + * access to content from other file scheme URLs. See + * {@link #setAllowFileAccessFromFileURLs}. To enable the most restrictive, + * and therefore secure policy, this setting should be disabled. + * <p> + * The default value is true for API level + * {@link android.os.Build.VERSION_CODES#ICE_CREAM_SANDWICH_MR1} and below, + * and false for API level {@link android.os.Build.VERSION_CODES#JELLY_BEAN} + * and above. * - * @param flag true if the WebView should allow scripting access from file - * scheme URLs to any origin + * @param flag whether JavaScript running in the context of a file scheme + * URL should be allowed to access content from any origin */ public abstract void setAllowUniversalAccessFromFileURLs(boolean flag); /** - * Configures scripting (such as XmlHttpRequest) access from file scheme URLs - * to file origin. The default value is false for API level - * {@link android.os.Build.VERSION_CODES#JELLY_BEAN} and higher and true - * otherwise. + * Sets whether JavaScript running in the context of a file scheme URL + * should be allowed to access content from other file scheme URLs. To + * enable the most restrictive, and therefore secure policy, this setting + * should be disabled. Note that the value of this setting is ignored if + * the value of {@link #getAllowUniversalAccessFromFileURLs} is true. + * <p> + * The default value is true for API level + * {@link android.os.Build.VERSION_CODES#ICE_CREAM_SANDWICH_MR1} and below, + * and false for API level {@link android.os.Build.VERSION_CODES#JELLY_BEAN} + * and above. * - * @param flag true if the WebView should allow scripting access from file - * scheme URLs to file origin + * @param flag whether JavaScript running in the context of a file scheme + * URL should be allowed to access content from other file + * scheme URLs */ public abstract void setAllowFileAccessFromFileURLs(boolean flag); @@ -1028,21 +1040,22 @@ public abstract class WebSettings { } /** - * Gets whether scripting access {see @setAllowUniversalAccessFromFileURLs} from - * file URLs to any origin is enabled. + * Gets whether JavaScript running in the context of a file scheme URL can + * access content from any origin. This includes access to content from + * other file scheme URLs. * - * @return true if the WebView allows scripting access from file scheme requests - * to any origin + * @return whether JavaScript running in the context of a file scheme URL + * can access content from any origin * @see #setAllowUniversalAccessFromFileURLs */ public abstract boolean getAllowUniversalAccessFromFileURLs(); /** - * Gets whether scripting access {see @setAllowFileAccessFromFileURLs} from file - * URLs to file origin is enabled. + * Gets whether JavaScript running in the context of a file scheme URL can + * access content from other file scheme URLs. * - * @return true if the WebView allows scripting access from file scheme requests - * to file origin + * @return whether JavaScript running in the context of a file scheme URL + * can access content from other file scheme URLs * @see #setAllowFileAccessFromFileURLs */ public abstract boolean getAllowFileAccessFromFileURLs(); |