r4sas
/
lightning-i2p
1
0
Fork 0
Code Issues Pull Requests Releases 1 Wiki Activity
Browse Source

Fixed security vulnerability in the intent selector

master
Anthony Restaino 9 years ago
parent
1c96b62eb6
commit
577efb76a4
2 changed files with 12 additions and 2 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      app/src/main/java/acr/browser/lightning/utils/IntentUtils.java
  2. 5
      app/src/main/java/acr/browser/lightning/view/LightningWebClient.java

9
app/src/main/java/acr/browser/lightning/utils/IntentUtils.java
Unescape View File

@ -7,6 +7,7 @@ import android.content.IntentFilter; @@ -7,6 +7,7 @@ import android.content.IntentFilter;
import android.content.pm.PackageManager;
import android.content.pm.ResolveInfo;
import android.net.Uri;
import android.os.Build;
import android.util.Log;
import android.webkit.WebView;
@ -39,6 +40,12 @@ public class IntentUtils { @@ -39,6 +40,12 @@ public class IntentUtils {
return false;
}
intent.addCategory(Intent.CATEGORY_BROWSABLE);
intent.setComponent(null);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH_MR1) {
intent.setSelector(null);
}
if (mActivity.getPackageManager().resolveActivity(intent, 0) == null) {
String packagename = intent.getPackage();
if (packagename != null) {
@ -51,8 +58,6 @@ public class IntentUtils { @@ -51,8 +58,6 @@ public class IntentUtils {
return false;
}
}
intent.addCategory(Intent.CATEGORY_BROWSABLE);
intent.setComponent(null);
if (tab != null) {
intent.putExtra(mActivity.getPackageName() + ".Origin", 1);
}

5
app/src/main/java/acr/browser/lightning/view/LightningWebClient.java
Unescape View File

@ -293,6 +293,11 @@ class LightningWebClient extends WebViewClient { @@ -293,6 +293,11 @@ class LightningWebClient extends WebViewClient {
return false;
}
if (intent != null) {
intent.addCategory(Intent.CATEGORY_BROWSABLE);
intent.setComponent(null);
if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.ICE_CREAM_SANDWICH_MR1) {
intent.setSelector(null);
}
try {
mActivity.startActivity(intent);
} catch (ActivityNotFoundException e) {

Write Preview
Loading…
Cancel
Save