summaryrefslogtreecommitdiffstats
path: root/src/com/android/browser/IntentHandler.java
diff options
context:
space:
mode:
authorPaul Miller <paulmiller@google.com>2015-04-06 11:58:00 -0700
committerPaul Miller <paulmiller@google.com>2015-04-06 14:30:37 -0700
commitd001de09e1ced4446286e33e868b105b46c1700e (patch)
tree05f280a788353817885ae26a1feecbc7fbc45f47 /src/com/android/browser/IntentHandler.java
parentdc9c958256a66c333c1048ad21f1de8c1c0cdad3 (diff)
downloadpackages_apps_Browser-d001de09e1ced4446286e33e868b105b46c1700e.zip
packages_apps_Browser-d001de09e1ced4446286e33e868b105b46c1700e.tar.gz
packages_apps_Browser-d001de09e1ced4446286e33e868b105b46c1700e.tar.bz2
Forbid javascript- and file-scheme intents
BUG:13082135 BUG:19296779 Change-Id: Ifea908b175670fbce65205797b93e87adf25bb3d
Diffstat (limited to 'src/com/android/browser/IntentHandler.java')
-rw-r--r--src/com/android/browser/IntentHandler.java55
1 files changed, 36 insertions, 19 deletions
diff --git a/src/com/android/browser/IntentHandler.java b/src/com/android/browser/IntentHandler.java
index 1b8dfc7..d06d34f 100644
--- a/src/com/android/browser/IntentHandler.java
+++ b/src/com/android/browser/IntentHandler.java
@@ -29,6 +29,7 @@ import android.os.Bundle;
import android.provider.Browser;
import android.provider.MediaStore;
import android.text.TextUtils;
+import android.util.Log;
import android.util.Patterns;
import com.android.browser.UI.ComboViews;
@@ -37,6 +38,7 @@ import com.android.common.Search;
import java.util.HashMap;
import java.util.Iterator;
+import java.util.Locale;
import java.util.Map;
/**
@@ -44,6 +46,8 @@ import java.util.Map;
*/
public class IntentHandler {
+ private static final String TAG = "IntentHandler";
+
// "source" parameter for Google search suggested by the browser
final static String GOOGLE_SEARCH_SOURCE_SUGGEST = "browser-suggest";
// "source" parameter for Google search from unknown source
@@ -51,6 +55,12 @@ public class IntentHandler {
/* package */ static final UrlData EMPTY_URL_DATA = new UrlData(null);
+ private static final String[] SCHEME_WHITELIST = {
+ "http",
+ "https",
+ "about",
+ };
+
private Activity mActivity;
private Controller mController;
private TabControl mTabControl;
@@ -64,6 +74,12 @@ public class IntentHandler {
}
void onNewIntent(Intent intent) {
+ Uri uri = intent.getData();
+ if (uri != null && isForbiddenUri(uri)) {
+ Log.e(TAG, "Aborting intent with forbidden uri, \"" + uri + "\"");
+ return;
+ }
+
Tab current = mTabControl.getCurrentTab();
// When a tab is closed on exit, the current tab index is set to -1.
// Reset before proceed as Browser requires the current tab to be set.
@@ -107,33 +123,18 @@ public class IntentHandler {
urlData = new UrlData(mSettings.getHomePage());
}
- // If url is to view private data files, don't allow.
- Uri uri = intent.getData();
- if (uri != null && uri.getScheme().toLowerCase().startsWith("file") &&
- uri.getPath().startsWith(mActivity.getDatabasePath("foo").getParent())) {
- return;
- }
-
if (intent.getBooleanExtra(Browser.EXTRA_CREATE_NEW_TAB, false)
|| urlData.isPreloaded()) {
Tab t = mController.openTab(urlData);
return;
}
/*
- * TODO: Don't allow javascript URIs
- * 0) If this is a javascript: URI, *always* open a new tab
- * 1) If the URL is already opened, switch to that tab
- * 2-phone) Reuse tab with same appId
- * 2-tablet) Open new tab
+ * If the URL is already opened, switch to that tab
+ * phone: Reuse tab with same appId
+ * tablet: Open new tab
*/
final String appId = intent
.getStringExtra(Browser.EXTRA_APPLICATION_ID);
- if (!TextUtils.isEmpty(urlData.mUrl) &&
- urlData.mUrl.startsWith("javascript:")) {
- // Always open javascript: URIs in new tabs
- mController.openTab(urlData);
- return;
- }
if (Intent.ACTION_VIEW.equals(action)
&& (appId != null)
&& appId.startsWith(mActivity.getPackageName())) {
@@ -314,8 +315,24 @@ public class IntentHandler {
return true;
}
+ private static boolean isForbiddenUri(Uri uri) {
+ String scheme = uri.getScheme();
+ // Allow URIs with no scheme
+ if (scheme == null) {
+ return false;
+ }
+
+ scheme = scheme.toLowerCase(Locale.US);
+ for (String allowed : SCHEME_WHITELIST) {
+ if (allowed.equals(scheme)) {
+ return false;
+ }
+ }
+ return true;
+ }
+
/**
- * A UrlData class to abstract how the content will be set to WebView.
+ * A UrlData class to abstract how the content will be sent to WebView.
* This base class uses loadUrl to show the content.
*/
static class UrlData {