diff options
author | John Reck <jreck@google.com> | 2011-10-17 12:52:36 -0700 |
---|---|---|
committer | Android Git Automerger <android-git-automerger@android.com> | 2011-10-17 12:52:36 -0700 |
commit | daeb75d92c75a5ab4bc3de6c63c8b1f6b859a002 (patch) | |
tree | 14075b6fed8ee7bc24d74760afb8383296cf9a45 | |
parent | 9ef9d994bc8ccaa476a0069ed2df5bcd4c63905b (diff) | |
parent | fc853325e9a170fb21648b939d859a46aca3bb1e (diff) | |
download | packages_apps_browser-daeb75d92c75a5ab4bc3de6c63c8b1f6b859a002.zip packages_apps_browser-daeb75d92c75a5ab4bc3de6c63c8b1f6b859a002.tar.gz packages_apps_browser-daeb75d92c75a5ab4bc3de6c63c8b1f6b859a002.tar.bz2 |
am fc853325: Merge "HTML escape most visited" into ics-mr0
* commit 'fc853325e9a170fb21648b939d859a46aca3bb1e':
HTML escape most visited
-rw-r--r-- | src/com/android/browser/homepages/RequestHandler.java | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/src/com/android/browser/homepages/RequestHandler.java b/src/com/android/browser/homepages/RequestHandler.java index e0a0eac..defda61 100644 --- a/src/com/android/browser/homepages/RequestHandler.java +++ b/src/com/android/browser/homepages/RequestHandler.java @@ -16,23 +16,24 @@ */
package com.android.browser.homepages;
-import com.android.browser.R;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
import android.content.Context;
import android.content.UriMatcher;
import android.content.res.Resources;
import android.database.Cursor;
import android.net.Uri;
import android.provider.Browser;
+import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
+import com.android.browser.R;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
public class RequestHandler extends Thread {
private static final String TAG = "RequestHandler";
@@ -79,6 +80,10 @@ public class RequestHandler extends Thread { }
}
+ byte[] htmlEncode(String s) {
+ return TextUtils.htmlEncode(s).getBytes();
+ }
+
void writeTemplatedIndex() throws IOException {
Template t = Template.getCachedTemplate(mContext, R.raw.most_visited);
Cursor cursor = mContext.getContentResolver().query(Browser.BOOKMARKS_URI,
@@ -90,9 +95,9 @@ public class RequestHandler extends Thread { public void writeValue(OutputStream stream, String key) throws IOException {
Cursor cursor = getCursor();
if (key.equals("url")) {
- stream.write(cursor.getString(0).getBytes());
+ stream.write(htmlEncode(cursor.getString(0)));
} else if (key.equals("title")) {
- stream.write(cursor.getString(1).getBytes());
+ stream.write(htmlEncode(cursor.getString(1)));
} else if (key.equals("thumbnail")) {
stream.write("data:image/png;base64,".getBytes());
byte[] thumb = cursor.getBlob(2);
|