Sanitize selector Intent when handling intent: scheme.

Android Intents have a selector field which, if present, are used to search for the Activity to invoke. These must also be sanitized before handing off to the OS. BUG:14562482 Change-Id: I21752bc7841cf452ed42547acb6816f044130901
author: Marcin Kosiba <mkosiba@google.com> 2014-05-07 15:39:39 +0100
committer: Marcin Kosiba <mkosiba@google.com> 2014-05-07 15:39:39 +0100
commit: bac9c87bcdfba871f325bda3266b077bcee6b93c (patch)
tree: 6668f6ac4336cb3960e1c4000253477416b1fa62
parent: c64a55dea1445bc5d88756a74cae32fa1b0fb533 (diff)
download: Browser-bac9c87bcdfba871f325bda3266b077bcee6b93c.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/com/android/browser/UrlHandler.java b/src/com/android/browser/UrlHandler.java
index 167d4105..e21e3e87 100644
--- a/src/com/android/browser/UrlHandler.java
+++ b/src/com/android/browser/UrlHandler.java
@@ -160,6 +160,11 @@ public class UrlHandler {
       // security (only access to BROWSABLE activities).
       intent.addCategory(Intent.CATEGORY_BROWSABLE);
       intent.setComponent(null);
+      Intent selector = intent.getSelector();
+      if (selector != null) {
+          selector.addCategory(Intent.CATEGORY_BROWSABLE);
+          selector.setComponent(null);
+      }
       // Re-use the existing tab if the intent comes back to us
       if (tab != null) {
           if (tab.getAppId() == null) {
author	Marcin Kosiba <mkosiba@google.com>	2014-05-07 15:39:39 +0100
committer	Marcin Kosiba <mkosiba@google.com>	2014-05-07 15:39:39 +0100
commit	bac9c87bcdfba871f325bda3266b077bcee6b93c (patch)
tree	6668f6ac4336cb3960e1c4000253477416b1fa62
parent	c64a55dea1445bc5d88756a74cae32fa1b0fb533 (diff)
download	Browser-bac9c87bcdfba871f325bda3266b077bcee6b93c.tar.gz