diff options
author | Marcin Kosiba <mkosiba@google.com> | 2014-05-07 15:22:07 +0100 |
---|---|---|
committer | Bill Yi <byi@google.com> | 2014-06-17 14:19:59 -0700 |
commit | 7a7dce808e1545e859b80b86f0279ee68ce3f0cc (patch) | |
tree | 90c5b3c7164182eb1b9db15c274bd53cdff056a0 | |
parent | ce0577bf9de1ee54ce1bf818505211353ba98512 (diff) | |
download | webview-kitkat-wear.tar.gz |
Sanitize selector Intent when handling intent: scheme.android-4.4w_r1android-4.4.4_r2.0.1android-4.4.4_r2android-4.4.4_r1.0.1android-4.4.4_r1kitkat-wearkitkat-mr2.2-releasekitkat-mr2.1-release
Android Intents have a selector field which, if present, are used
to search for the Activity to invoke. These must also be sanitized
before handing off to the OS.
BUG:14562482
Change-Id: I30461e11be48ec623ab0f56d0d0f206dc2849c98
-rw-r--r-- | chromium/java/com/android/webview/chromium/WebViewContentsClientAdapter.java | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/chromium/java/com/android/webview/chromium/WebViewContentsClientAdapter.java b/chromium/java/com/android/webview/chromium/WebViewContentsClientAdapter.java index 8749985..3a81c0d 100644 --- a/chromium/java/com/android/webview/chromium/WebViewContentsClientAdapter.java +++ b/chromium/java/com/android/webview/chromium/WebViewContentsClientAdapter.java @@ -189,6 +189,11 @@ public class WebViewContentsClientAdapter extends AwContentsClient { // security (only access to BROWSABLE activities). intent.addCategory(Intent.CATEGORY_BROWSABLE); intent.setComponent(null); + Intent selector = intent.getSelector(); + if (selector != null) { + selector.addCategory(Intent.CATEGORY_BROWSABLE); + selector.setComponent(null); + } // Pass the package name as application ID so that the intent from the // same application can be opened in the same tab. intent.putExtra(Browser.EXTRA_APPLICATION_ID, |