Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit fef654ff authored by Chen Xu's avatar Chen Xu
Browse files

Fix WebView vulnerability by disallowing file access 

Fix webvuew vulnerability inside captiveportal activity by disallowing
access private file in app's sandbox.

Bug: 150610071
Test: Build
Change-Id: I67e695478476b6ee9cf21ed41213f25441d9776a
parent 5387ec28

packages/CarrierDefaultApp/src/com/android/carrierdefaultapp/CaptivePortalLoginActivity.java

+1 −0
Original line number Diff line number Diff line
@@ -106,6 +106,7 @@ public class CaptivePortalLoginActivity extends Activity { 
        webSettings.setSupportZoom(true);

        webSettings.setBuiltInZoomControls(true);

        webSettings.setDomStorageEnabled(true);

        webSettings.setAllowFileAccess(false);

        mWebViewClient = new MyWebViewClient();

        mWebView.setWebViewClient(mWebViewClient);

        mWebView.setWebChromeClient(new MyWebChromeClient());