[tor-commits] [tor-browser/tor-browser-52.7.3esr-8.0-1] Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, r=nalexander
gk at torproject.org
gk at torproject.org
Mon Apr 30 09:30:36 UTC 2018
commit e53935623c1da11a7b327542667dba32ddd95017
Author: Eugen Sawin <esawin at mozilla.com>
Date: Tue Apr 24 19:09:24 2018 -0300
Bug 1356893 - Reject opening intents with file data schemes. r=sebastian, r=nalexander
--HG--
extra : rebase_source : 1f764df3309b3641f124915b1a1204afbbd8354a
---
mobile/android/base/java/org/mozilla/gecko/IntentHelper.java | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java b/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
index efe9576d7d19..e2f34f926b72 100644
--- a/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
+++ b/mobile/android/base/java/org/mozilla/gecko/IntentHelper.java
@@ -287,6 +287,12 @@ public final class IntentHelper implements GeckoEventListener,
return null;
}
+ final Uri data = intent.getData();
+ if (data != null && "file".equals(data.normalizeScheme().getScheme())) {
+ Log.w(LOGTAG, "Blocked intent with \"file://\" data scheme.");
+ return null;
+ }
+
// Only open applications which can accept arbitrary data from a browser.
intent.addCategory(Intent.CATEGORY_BROWSABLE);
More information about the tor-commits
mailing list