Stop loading other package's font by default.
Since CONTEXT_RESTRICTED is not a default flag of createPackageContext, we can't rely on it for preventing unexpected font injections. To protect developers and existing apps from a risk of font injection, stop loading font from other package's resouce unless the developer explicitly set CONTEXT_IGNORE_SECURITY. This CL contains Iac2a6fb3d82ef23d5ca6ee33f4aaa9ed28455271 by manual merging to handle repository split. Bug: 62813533 Bug: 62879353 Test: Manually done Merged-In: I4442ddc48dadb5c968b444be86038b602074d301 Change-Id: I4442ddc48dadb5c968b444be86038b602074d301
Showing with 34 additions and 3 deletions