Merge pull request #1291 from mozilla/reject-loading-unexpected-urls
Fix #1283 Prevent loading any pages other than our file:/// url resou…
This commit is contained in:
commit
890642fcff
|
@ -71,11 +71,11 @@ class MainActivity : AppCompatActivity(), AdvancedWebView.Listener {
|
||||||
if (Intent.ACTION_SEND == intent.action && type != null) {
|
if (Intent.ACTION_SEND == intent.action && type != null) {
|
||||||
if (type == "text/plain") {
|
if (type == "text/plain") {
|
||||||
val sharedText = intent.getStringExtra(Intent.EXTRA_TEXT)
|
val sharedText = intent.getStringExtra(Intent.EXTRA_TEXT)
|
||||||
Log.d(TAG_INTENT, "text/plain $sharedText")
|
// Log.d(TAG_INTENT, "text/plain $sharedText")
|
||||||
mToShare = "data:text/plain;base64," + Base64.encodeToString(sharedText.toByteArray(), 16).trim()
|
mToShare = "data:text/plain;base64," + Base64.encodeToString(sharedText.toByteArray(), 16).trim()
|
||||||
} else if (type.startsWith("image/")) {
|
} else if (type.startsWith("image/")) {
|
||||||
val imageUri = intent.getParcelableExtra(Intent.EXTRA_STREAM) as Uri
|
val imageUri = intent.getParcelableExtra(Intent.EXTRA_STREAM) as Uri
|
||||||
Log.d(TAG_INTENT, "image/ $imageUri")
|
// Log.d(TAG_INTENT, "image/ $imageUri")
|
||||||
mToShare = "data:text/plain;base64," + Base64.encodeToString(imageUri.path.toByteArray(), 16).trim()
|
mToShare = "data:text/plain;base64," + Base64.encodeToString(imageUri.path.toByteArray(), 16).trim()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -87,13 +87,13 @@ class MainActivity : AppCompatActivity(), AdvancedWebView.Listener {
|
||||||
mAccount = FirefoxAccount(value, "20f7931c9054d833", "https://send.firefox.com/fxa/android-redirect.html")
|
mAccount = FirefoxAccount(value, "20f7931c9054d833", "https://send.firefox.com/fxa/android-redirect.html")
|
||||||
mAccount?.beginOAuthFlow(arrayOf("profile", "https://identity.mozilla.com/apps/send"), true)
|
mAccount?.beginOAuthFlow(arrayOf("profile", "https://identity.mozilla.com/apps/send"), true)
|
||||||
?.then { url ->
|
?.then { url ->
|
||||||
Log.d(TAG_CONFIG, "GOT A URL $url")
|
// Log.d(TAG_CONFIG, "GOT A URL $url")
|
||||||
this@MainActivity.runOnUiThread {
|
this@MainActivity.runOnUiThread {
|
||||||
webView.loadUrl(url)
|
webView.loadUrl(url)
|
||||||
}
|
}
|
||||||
FxaResult.fromValue(Unit)
|
FxaResult.fromValue(Unit)
|
||||||
}
|
}
|
||||||
Log.d(TAG_CONFIG, "CREATED FIREFOXACCOUNT")
|
// Log.d(TAG_CONFIG, "CREATED FIREFOXACCOUNT")
|
||||||
FxaResult.fromValue(Unit)
|
FxaResult.fromValue(Unit)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -172,13 +172,21 @@ class MainActivity : AppCompatActivity(), AdvancedWebView.Listener {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Log.d(TAG_MAIN, "onPageStarted")
|
if (!url.startsWith("file:///android_asset/") && !url.startsWith("https://accounts.firefox.com/")) {
|
||||||
|
// Don't allow loading anything other than the app in our webview
|
||||||
|
// It should be possible to do this with shouldOverrideUrlLoading
|
||||||
|
// but it didn't seem to be working, so this works as a hack.
|
||||||
|
webView.loadUrl("file:///android_asset/android.html")
|
||||||
|
Log.d(TAG_MAIN, "BAD URL " + url)
|
||||||
|
} else {
|
||||||
|
// Log.d(TAG_MAIN, "onPageStarted " + url)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
override fun onPageFinished(url: String) {
|
override fun onPageFinished(url: String) {
|
||||||
Log.d(TAG_MAIN, "onPageFinished")
|
// Log.d(TAG_MAIN, "onPageFinished")
|
||||||
if (mToShare != null) {
|
if (mToShare != null) {
|
||||||
Log.d(TAG_INTENT, mToShare)
|
// Log.d(TAG_INTENT, mToShare)
|
||||||
|
|
||||||
webView.postWebMessage(WebMessage(mToShare), Uri.EMPTY)
|
webView.postWebMessage(WebMessage(mToShare), Uri.EMPTY)
|
||||||
mToShare = null
|
mToShare = null
|
||||||
|
@ -202,11 +210,11 @@ class MainActivity : AppCompatActivity(), AdvancedWebView.Listener {
|
||||||
contentLength: Long,
|
contentLength: Long,
|
||||||
contentDisposition: String,
|
contentDisposition: String,
|
||||||
userAgent: String) {
|
userAgent: String) {
|
||||||
Log.d(TAG_MAIN, "onDownloadRequested")
|
// Log.d(TAG_MAIN, "onDownloadRequested")
|
||||||
}
|
}
|
||||||
|
|
||||||
override fun onExternalPageRequest(url: String) {
|
override fun onExternalPageRequest(url: String) {
|
||||||
Log.d(TAG_MAIN, "onExternalPageRequest($url)")
|
// Log.d(TAG_MAIN, "onExternalPageRequest($url)")
|
||||||
}
|
}
|
||||||
|
|
||||||
companion object {
|
companion object {
|
||||||
|
|
Loading…
Reference in New Issue