am 1e395bf5: am e3e09d43: am dea3d2ad: am 81cb07dc: am f8c18437: am 699496ca: am 6243e7cb: Restrict loading private browser files

* commit '1e395bf5184e309c857c90ce2a439b5f3d87d2fc': Restrict loading private browser files
author: Selim Gurun <sgurun@google.com> 2014-01-16 07:27:38 -0800
committer: Android Git Automerger <android-git-automerger@android.com> 2014-01-16 07:27:38 -0800
commit: 66d2de91e8a6741ea86c1da3faf1cfa28b515287 (patch)
tree: 5623fb851a21f456a0a0fc77f3dbe710a5cce390 /src/com/android/browser
parent: 0b198dc1836af04753ebeef424a9184b78dceec3 (diff)
parent: 1e395bf5184e309c857c90ce2a439b5f3d87d2fc (diff)
download: packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.zip
packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.tar.gz
packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.tar.bz2
1 files changed, 21 insertions, 0 deletions
diff --git a/src/com/android/browser/Tab.java b/src/com/android/browser/Tab.java
index e3a0333..79e635e 100644
--- a/src/com/android/browser/Tab.java
+++ b/src/com/android/browser/Tab.java
@@ -72,6 +72,7 @@ import com.android.browser.TabControl.OnThumbnailUpdatedListener;
 import com.android.browser.homepages.HomeProvider;
 import com.android.browser.provider.SnapshotProvider.Snapshots;
 
+import java.io.ByteArrayInputStream;
 import java.io.ByteArrayOutputStream;
 import java.io.File;
 import java.io.IOException;
@@ -101,6 +102,8 @@ class Tab implements PictureListener {
     private static final int CAPTURE_DELAY = 100;
     private static final int INITIAL_PROGRESS = 5;
 
+    private static final String RESTRICTED = "<html><body>not allowed</body></html>";
+
     private static Bitmap sDefaultFavicon;
 
     private static Paint sAlphaPaint = new Paint();
@@ -626,6 +629,24 @@ class Tab implements PictureListener {
         @Override
         public WebResourceResponse shouldInterceptRequest(WebView view,
                 String url) {
+            Uri uri = Uri.parse(url);
+            if (uri.getScheme().toLowerCase().equals("file")) {
+                File file = new File(uri.getPath());
+                try {
+                    if (file.getCanonicalPath().startsWith(
+                            mContext.getDatabasePath("foo").getParent())) {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    }
+                } catch (Exception ex) {
+                    Log.e(LOGTAG, "Bad canonical path" + ex.toString());
+                    try {
+                        return new WebResourceResponse("text/html","UTF-8",
+                                new ByteArrayInputStream(RESTRICTED.getBytes("UTF-8")));
+                    } catch (java.io.UnsupportedEncodingException e) {
+                    }
+                }
+            }
             WebResourceResponse res = HomeProvider.shouldInterceptRequest(
                     mContext, url);
             return res;
author	Selim Gurun <sgurun@google.com>	2014-01-16 07:27:38 -0800
committer	Android Git Automerger <android-git-automerger@android.com>	2014-01-16 07:27:38 -0800
commit	66d2de91e8a6741ea86c1da3faf1cfa28b515287 (patch)
tree	5623fb851a21f456a0a0fc77f3dbe710a5cce390 /src/com/android/browser
parent	0b198dc1836af04753ebeef424a9184b78dceec3 (diff)
parent	1e395bf5184e309c857c90ce2a439b5f3d87d2fc (diff)
download	packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.zip packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.tar.gz packages_apps_Browser-66d2de91e8a6741ea86c1da3faf1cfa28b515287.tar.bz2