Left: | ||
Right: |
OLD | NEW |
---|---|
1 /* | 1 /* |
2 * This Source Code Form is subject to the terms of the Mozilla Public | 2 * This Source Code Form is subject to the terms of the Mozilla Public |
3 * License, v. 2.0. If a copy of the MPL was not distributed with this | 3 * License, v. 2.0. If a copy of the MPL was not distributed with this |
4 * file, you can obtain one at http://mozilla.org/MPL/2.0/. | 4 * file, you can obtain one at http://mozilla.org/MPL/2.0/. |
5 */ | 5 */ |
6 | 6 |
7 // This should be in util/, but is here because of build dependency issues. | 7 // This should be in util/, but is here because of build dependency issues. |
8 package org.mozilla.gecko.mozglue; | 8 package org.mozilla.gecko.mozglue; |
9 | 9 |
10 import android.content.Intent; | 10 import android.content.Intent; |
11 import android.net.Uri; | 11 import android.net.Uri; |
12 import android.os.Bundle; | 12 import android.os.Bundle; |
13 import android.util.Log; | 13 import android.util.Log; |
14 | 14 |
15 import java.util.ArrayList; | 15 import java.util.ArrayList; |
16 | 16 |
17 /** | 17 /** |
18 * External applications can pass values into Intents that can cause us to crash : in defense, | 18 * External applications can pass values into Intents that can cause us to crash : in defense, |
19 * we wrap {@link Intent} and catch the exceptions they may force us to throw. S ee bug 1090385 | 19 * we wrap {@link Intent} and catch the exceptions they may force us to throw. S ee bug 1090385 |
20 * for more. | 20 * for more. |
21 */ | 21 */ |
22 public class SafeIntent { | 22 public class SafeIntent { |
23 private static final String LOGTAG = "Gecko" + SafeIntent.class.getSimpleNam e(); | 23 private static final String LOGTAG = "Gecko" + SafeIntent.class.getSimpleNam e(); |
24 | 24 |
25 private final Intent intent; | 25 private final Intent intent; |
26 | 26 |
27 public SafeIntent(final Intent intent) { | 27 public SafeIntent(final Intent intent) { |
28 stripDataUri(intent); | |
28 this.intent = intent; | 29 this.intent = intent; |
29 } | 30 } |
30 | 31 |
31 public boolean hasExtra(String name) { | 32 public boolean hasExtra(String name) { |
32 try { | 33 try { |
33 return intent.hasExtra(name); | 34 return intent.hasExtra(name); |
34 } catch (OutOfMemoryError e) { | 35 } catch (OutOfMemoryError e) { |
35 Log.w(LOGTAG, "Couldn't determine if intent had an extra: OOM. Malfo rmed?"); | 36 Log.w(LOGTAG, "Couldn't determine if intent had an extra: OOM. Malfo rmed?"); |
36 return false; | 37 return false; |
37 } catch (RuntimeException e) { | 38 } catch (RuntimeException e) { |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
124 return null; | 125 return null; |
125 } catch (RuntimeException e) { | 126 } catch (RuntimeException e) { |
126 Log.w(LOGTAG, "Couldn't get intent data.", e); | 127 Log.w(LOGTAG, "Couldn't get intent data.", e); |
127 return null; | 128 return null; |
128 } | 129 } |
129 } | 130 } |
130 | 131 |
131 public Intent getUnsafe() { | 132 public Intent getUnsafe() { |
132 return intent; | 133 return intent; |
133 } | 134 } |
135 | |
136 private static void stripDataUri(final Intent intent) { | |
137 // We should limit intent filters and check incoming intents against whi te-list | |
138 // But for now we just strip 'about:reader?url=' | |
139 if (intent != null && intent.getData() != null) { | |
140 final String url = intent.getData().toString(); | |
141 final String prefix = "about:reader?url="; | |
142 if (url != null && url.startsWith(prefix)) { | |
143 final String strippedUrl = url.replace(prefix, ""); | |
144 if (strippedUrl != null) { | |
jens
2017/11/14 11:17:51
Maybe we should also check && !strippedUrl.isEmpty
diegocarloslima
2017/11/14 11:22:10
Actually I'm just using the solution that Mozilla
| |
145 intent.setData(Uri.parse(strippedUrl)); | |
146 } | |
147 } | |
148 } | |
149 } | |
134 } | 150 } |
OLD | NEW |