You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by bo...@apache.org on 2012/03/16 18:55:31 UTC
android commit: Fixing CB-343: We need to respect the whitelist
Updated Branches:
refs/heads/master dc93556ef -> 04b3e4d84
Fixing CB-343: We need to respect the whitelist
Project: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/commit/04b3e4d8
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/tree/04b3e4d8
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/diff/04b3e4d8
Branch: refs/heads/master
Commit: 04b3e4d8472582d45379e257503cd3f9d6ccfa30
Parents: dc93556
Author: Joe Bowser <bo...@apache.org>
Authored: Fri Mar 16 10:55:06 2012 -0700
Committer: Joe Bowser <bo...@apache.org>
Committed: Fri Mar 16 10:55:06 2012 -0700
----------------------------------------------------------------------
framework/src/org/apache/cordova/DroidGap.java | 2 +-
framework/src/org/apache/cordova/FileTransfer.java | 41 +++++++++------
.../org/apache/cordova/api/CordovaInterface.java | 2 +
3 files changed, 27 insertions(+), 18 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/blob/04b3e4d8/framework/src/org/apache/cordova/DroidGap.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/DroidGap.java b/framework/src/org/apache/cordova/DroidGap.java
index 4cbdcc2..3a138ff 100755
--- a/framework/src/org/apache/cordova/DroidGap.java
+++ b/framework/src/org/apache/cordova/DroidGap.java
@@ -1333,7 +1333,7 @@ public class DroidGap extends Activity implements CordovaInterface {
* @param url
* @return
*/
- boolean isUrlWhiteListed(String url) {
+ public boolean isUrlWhiteListed(String url) {
// Check to see if we have matched url previously
if (whiteListCache.get(url) != null) {
http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/blob/04b3e4d8/framework/src/org/apache/cordova/FileTransfer.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/FileTransfer.java b/framework/src/org/apache/cordova/FileTransfer.java
index 1471fe8..56bce56 100644
--- a/framework/src/org/apache/cordova/FileTransfer.java
+++ b/framework/src/org/apache/cordova/FileTransfer.java
@@ -416,32 +416,39 @@ public class FileTransfer extends Plugin {
file.getParentFile().mkdirs();
// connect to server
- URL url = new URL(source);
- HttpURLConnection connection = (HttpURLConnection) url.openConnection();
- connection.setRequestMethod("GET");
- connection.connect();
+ if(this.ctx.isUrlWhiteListed(source))
+ {
+ URL url = new URL(source);
+ HttpURLConnection connection = (HttpURLConnection) url.openConnection();
+ connection.setRequestMethod("GET");
+ connection.connect();
- Log.d(LOG_TAG, "Download file:" + url);
+ Log.d(LOG_TAG, "Download file:" + url);
- InputStream inputStream = connection.getInputStream();
- byte[] buffer = new byte[1024];
- int bytesRead = 0;
+ InputStream inputStream = connection.getInputStream();
+ byte[] buffer = new byte[1024];
+ int bytesRead = 0;
- FileOutputStream outputStream = new FileOutputStream(file);
+ FileOutputStream outputStream = new FileOutputStream(file);
- // write bytes to file
- while ( (bytesRead = inputStream.read(buffer)) > 0 ) {
+ // write bytes to file
+ while ( (bytesRead = inputStream.read(buffer)) > 0 ) {
outputStream.write(buffer,0, bytesRead);
- }
+ }
- outputStream.close();
+ outputStream.close();
- Log.d(LOG_TAG, "Saved file: " + target);
+ Log.d(LOG_TAG, "Saved file: " + target);
- // create FileEntry object
- FileUtils fileUtil = new FileUtils();
+ // create FileEntry object
+ FileUtils fileUtil = new FileUtils();
- return fileUtil.getEntry(file);
+ return fileUtil.getEntry(file);
+ }
+ else
+ {
+ throw new IOException("Error: Unable to connect to domain");
+ }
} catch (Exception e) {
Log.d(LOG_TAG, e.getMessage(), e);
throw new IOException("Error while downloading");
http://git-wip-us.apache.org/repos/asf/incubator-cordova-android/blob/04b3e4d8/framework/src/org/apache/cordova/api/CordovaInterface.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/api/CordovaInterface.java b/framework/src/org/apache/cordova/api/CordovaInterface.java
index c91a160..79dbe74 100755
--- a/framework/src/org/apache/cordova/api/CordovaInterface.java
+++ b/framework/src/org/apache/cordova/api/CordovaInterface.java
@@ -141,5 +141,7 @@ public interface CordovaInterface {
boolean clearHistory, HashMap<String, Object> params);
public abstract Context getApplicationContext();
+
+ public abstract boolean isUrlWhiteListed(String source);
}