Restrict loading private browser files

Bug:11516871 Change-Id: I6a717a157f3d29edfffc36dc2da45c6df30d6ccd
author: Selim Gurun <sgurun@google.com> 2014-01-14 17:27:54 -0800
committer: Selim Gurun <sgurun@google.com> 2014-01-15 16:11:03 -0800
commit: 6243e7cb0eb836af28b23a2e00d89627b90496e4 (patch)
tree: 7f71d892647cb7cb8b1289a5cd3b80bf90f8faee /src/com/android/browser/Tab.java
parent: 7719d6ca3fd4079add8a9648838d99244a237eaf (diff)
download: packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.zip
packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.tar.gz
packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.tar.bz2
1 files changed, 21 insertions, 0 deletions
diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index 28734bd..2f00b26 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -71,6 +71,7 @@ import com.android.browser.TabControl.OnThumbnailUpdatedListener;
 import com.android.browser.homepages.HomeProvider;
 import com.android.browser.provider.SnapshotProvider.Snapshots;
 
+import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;
@@ -100,6 +101,8 @@ class Tab implements PictureListener {
     private static final int CAPTURE_DELAY = 100;
     private static final int INITIAL_PROGRESS = 5;
 
+    private static final String RESTRICTED = "<html><body>not allowed</body></html>";
+
     private static Bitmap sDefaultFavicon;
 
     private static Paint sAlphaPaint = new Paint();
@@ -623,6 +626,24 @@ class Tab implements PictureListener {
         @Override
         public WebResourceResponse shouldInterceptRequest(WebView view,
                 String url) {
+            Uri uri = Uri.parse(url);
+            if (uri.getScheme().toLowerCase().equals("file")) {
+                File file = new File(uri.getPath());
+                try {
+                    if (file.getCanonicalPath().startsWith(
+                            mContext.getDatabasePath("foo").getParent())) {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    }
+                } catch (Exception ex) {
+                    Log.e(LOGTAG, "Bad canonical path" + ex.toString());
+                    try {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    } catch (java.io.UnsupportedEncodingException e) {
+                    }
+                }
+            }
             WebResourceResponse res = HomeProvider.shouldInterceptRequest(
                     mContext, url);
             return res;
author	Selim Gurun <sgurun@google.com>	2014-01-14 17:27:54 -0800
committer	Selim Gurun <sgurun@google.com>	2014-01-15 16:11:03 -0800
commit	6243e7cb0eb836af28b23a2e00d89627b90496e4 (patch)
tree	7f71d892647cb7cb8b1289a5cd3b80bf90f8faee /src/com/android/browser/Tab.java
parent	7719d6ca3fd4079add8a9648838d99244a237eaf (diff)
download	packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.zip packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.tar.gz packages_apps_Browser-6243e7cb0eb836af28b23a2e00d89627b90496e4.tar.bz2