Merge "MediaHTTPConnection: handles cross protocol redirects." into lmp-dev

author: Ronghua Wu <ronghuawu@google.com> 2014-08-21 22:24:15 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2014-08-21 22:24:16 +0000
commit: c90c7d257c21a7680c1b642f8da917826fc986c5 (patch)
tree: d79ffc61c846ff76b397db885578ce9269821f6f /media
parent: e647a013a054db3d8066924dab90f5d72044f186 (diff)
parent: 5b9305fe9bbe8bb6916bd8daff085c0675b626f3 (diff)
download: frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.zip
frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.tar.gz
frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.tar.bz2
1 files changed, 8 insertions, 1 deletions
diff --git a/media/java/android/media/MediaHTTPConnection.java b/media/java/android/media/MediaHTTPConnection.java
index d3b1520..05acf90 100644
--- a/media/java/android/media/MediaHTTPConnection.java
+++ b/media/java/android/media/MediaHTTPConnection.java
@@ -47,6 +47,7 @@ public class MediaHTTPConnection extends IMediaHTTPConnection.Stub {
     private InputStream mInputStream = null;
 
     private boolean mAllowCrossDomainRedirect = true;
+    private boolean mAllowCrossProtocolRedirect = true;
 
     // from com.squareup.okhttp.internal.http
     private final static int HTTP_TEMP_REDIRECT = 307;
@@ -91,6 +92,8 @@ public class MediaHTTPConnection extends IMediaHTTPConnection.Stub {
     private boolean filterOutInternalHeaders(String key, String val) {
         if ("android-allow-cross-domain-redirect".equalsIgnoreCase(key)) {
             mAllowCrossDomainRedirect = parseBoolean(val);
+            // cross-protocol redirects are also controlled by this flag
+            mAllowCrossProtocolRedirect = mAllowCrossDomainRedirect;
         } else {
             return false;
         }
@@ -190,8 +193,12 @@ public class MediaHTTPConnection extends IMediaHTTPConnection.Stub {
                         !url.getProtocol().equals("http")) {
                     throw new NoRouteToHostException("Unsupported protocol redirect");
                 }
+                boolean sameProtocol = mURL.getProtocol().equals(url.getProtocol());
+                if (!mAllowCrossProtocolRedirect && !sameProtocol) {
+                    throw new NoRouteToHostException("Cross-protocol redirects are disallowed");
+                }
                 boolean sameHost = mURL.getHost().equals(url.getHost());
-                if (!sameHost) {
+                if (!mAllowCrossDomainRedirect && !sameHost) {
                     throw new NoRouteToHostException("Cross-domain redirects are disallowed");
                 }
author	Ronghua Wu <ronghuawu@google.com>	2014-08-21 22:24:15 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2014-08-21 22:24:16 +0000
commit	c90c7d257c21a7680c1b642f8da917826fc986c5 (patch)
tree	d79ffc61c846ff76b397db885578ce9269821f6f /media
parent	e647a013a054db3d8066924dab90f5d72044f186 (diff)
parent	5b9305fe9bbe8bb6916bd8daff085c0675b626f3 (diff)
download	frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.zip frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.tar.gz frameworks_base-c90c7d257c21a7680c1b642f8da917826fc986c5.tar.bz2