github/cordova-android
github/cordova-android
3
0
Fork 1
mirror of https://github.com/apache/cordova-android.git synced 2025-02-26 20:33:07 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixing CB-343: We need to respect the whitelist

Browse Source
This commit is contained in:
Joe Bowser 2012-03-16 10:55:06 -07:00
parent dc93556ef0
commit 04b3e4d847
3 changed files with 30 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
framework/src/org/apache/cordova/DroidGap.java
View File

@ -1333,7 +1333,7 @@ public class DroidGap extends Activity implements CordovaInterface {
* @param url * @param url
* @return * @return
*/ */
boolean isUrlWhiteListed(String url) { public boolean isUrlWhiteListed(String url) {
// Check to see if we have matched url previously // Check to see if we have matched url previously
if (whiteListCache.get(url) != null) { if (whiteListCache.get(url) != null) {

47
framework/src/org/apache/cordova/FileTransfer.java
View File

@ -416,32 +416,39 @@ public class FileTransfer extends Plugin {
file.getParentFile().mkdirs(); file.getParentFile().mkdirs();
// connect to server // connect to server
URL url = new URL(source); if(this.ctx.isUrlWhiteListed(source))
HttpURLConnection connection = (HttpURLConnection) url.openConnection(); {
connection.setRequestMethod("GET"); URL url = new URL(source);
connection.connect(); HttpURLConnection connection = (HttpURLConnection) url.openConnection();
connection.setRequestMethod("GET");
connection.connect();
Log.d(LOG_TAG, "Download file:" + url); Log.d(LOG_TAG, "Download file:" + url);
InputStream inputStream = connection.getInputStream(); InputStream inputStream = connection.getInputStream();
byte[] buffer = new byte[1024]; byte[] buffer = new byte[1024];
int bytesRead = 0; int bytesRead = 0;
FileOutputStream outputStream = new FileOutputStream(file); FileOutputStream outputStream = new FileOutputStream(file);
// write bytes to file // write bytes to file
while ( (bytesRead = inputStream.read(buffer)) > 0 ) { while ( (bytesRead = inputStream.read(buffer)) > 0 ) {
outputStream.write(buffer,0, bytesRead); outputStream.write(buffer,0, bytesRead);
}
outputStream.close();
Log.d(LOG_TAG, "Saved file: " + target);
// create FileEntry object
FileUtils fileUtil = new FileUtils();
return fileUtil.getEntry(file);
}
else
{
throw new IOException("Error: Unable to connect to domain");
} }
outputStream.close();
Log.d(LOG_TAG, "Saved file: " + target);
// create FileEntry object
FileUtils fileUtil = new FileUtils();
return fileUtil.getEntry(file);
} catch (Exception e) { } catch (Exception e) {
Log.d(LOG_TAG, e.getMessage(), e); Log.d(LOG_TAG, e.getMessage(), e);
throw new IOException("Error while downloading"); throw new IOException("Error while downloading");

2
framework/src/org/apache/cordova/api/CordovaInterface.java
View File

@ -141,5 +141,7 @@ public interface CordovaInterface {
boolean clearHistory, HashMap<String, Object> params); boolean clearHistory, HashMap<String, Object> params);
public abstract Context getApplicationContext(); public abstract Context getApplicationContext();
public abstract boolean isUrlWhiteListed(String source);
} }