github/cordova-android
github/cordova-android
3
0
Fork 1
mirror of https://github.com/apache/cordova-android.git synced 2025-01-19 23:42:53 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix security vulnerability - make sure any requests to run native code only come from url currently loaded into webview.

Browse Source
This commit is contained in:
Bryce Curtis 2011-06-13 15:16:08 -05:00 committed by Joe Bowser
parent eb3b1f91d4
commit d35e8cd44b
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
framework/src/com/phonegap/DroidGap.java
View File

@ -787,10 +787,14 @@ public class DroidGap extends PhonegapActivity {
*/ */
@Override @Override
public boolean onJsPrompt(WebView view, String url, String message, String defaultValue, JsPromptResult result) { public boolean onJsPrompt(WebView view, String url, String message, String defaultValue, JsPromptResult result) {
boolean reqOk = false;
if (((DroidGap)(this.ctx)).url.equals(url)) {
reqOk = true;
}
// Calling PluginManager.exec() to call a native service using // Calling PluginManager.exec() to call a native service using
// prompt(this.stringify(args), "gap:"+this.stringify([service, action, callbackId, true])); // prompt(this.stringify(args), "gap:"+this.stringify([service, action, callbackId, true]));
if (defaultValue != null && defaultValue.length() > 3 && defaultValue.substring(0, 4).equals("gap:")) { if (reqOk && defaultValue != null && defaultValue.length() > 3 && defaultValue.substring(0, 4).equals("gap:")) {
JSONArray array; JSONArray array;
try { try {
array = new JSONArray(defaultValue.substring(4)); array = new JSONArray(defaultValue.substring(4));
@ -806,13 +810,13 @@ public class DroidGap extends PhonegapActivity {
} }
// Polling for JavaScript messages // Polling for JavaScript messages
else if (defaultValue.equals("gap_poll:")) { else if (reqOk && defaultValue.equals("gap_poll:")) {
String r = callbackServer.getJavascript(); String r = callbackServer.getJavascript();
result.confirm(r); result.confirm(r);
} }
// Calling into CallbackServer // Calling into CallbackServer
else if (defaultValue.equals("gap_callbackServer:")) { else if (reqOk && defaultValue.equals("gap_callbackServer:")) {
String r = ""; String r = "";
if (message.equals("usePolling")) { if (message.equals("usePolling")) {
r = ""+callbackServer.usePolling(); r = ""+callbackServer.usePolling();