diff options
| -rw-r--r-- | core/java/android/webkit/FrameLoader.java | 18 | ||||
| -rw-r--r-- | core/java/android/webkit/URLUtil.java | 26 |
2 files changed, 33 insertions, 11 deletions
diff --git a/core/java/android/webkit/FrameLoader.java b/core/java/android/webkit/FrameLoader.java index 829872962921..e7978acba075 100644 --- a/core/java/android/webkit/FrameLoader.java +++ b/core/java/android/webkit/FrameLoader.java @@ -95,17 +95,6 @@ class FrameLoader { public boolean executeLoad() { String url = mListener.url(); - // Attempt to decode the percent-encoded url. - try { - url = new String(URLUtil.decode(url.getBytes())); - } catch (IllegalArgumentException e) { - // Fail with a bad url error if the decode fails. - mListener.error(EventHandler.ERROR_BAD_URL, - mListener.getContext().getString( - com.android.internal.R.string.httpErrorBadUrl)); - return false; - } - if (URLUtil.isNetworkUrl(url)){ if (mSettings.getBlockNetworkLoads()) { mListener.error(EventHandler.ERROR_BAD_URL, @@ -113,6 +102,13 @@ class FrameLoader { com.android.internal.R.string.httpErrorBadUrl)); return false; } + // Make sure it is correctly URL encoded before sending the request + if (!URLUtil.verifyURLEncoding(url)) { + mListener.error(EventHandler.ERROR_BAD_URL, + mListener.getContext().getString( + com.android.internal.R.string.httpErrorBadUrl)); + return false; + } mNetwork = Network.getInstance(mListener.getContext()); return handleHTTPLoad(); } else if (handleLocalFile(url, mListener, mSettings)) { diff --git a/core/java/android/webkit/URLUtil.java b/core/java/android/webkit/URLUtil.java index 1d1828999305..5ed42e9ea163 100644 --- a/core/java/android/webkit/URLUtil.java +++ b/core/java/android/webkit/URLUtil.java @@ -126,6 +126,32 @@ public final class URLUtil { return retData; } + /** + * @return True iff the url is correctly URL encoded + */ + static boolean verifyURLEncoding(String url) { + int count = url.length(); + if (count == 0) { + return false; + } + + int index = url.indexOf('%'); + while (index >= 0 && index < count) { + if (index < count - 2) { + try { + parseHex((byte) url.charAt(++index)); + parseHex((byte) url.charAt(++index)); + } catch (IllegalArgumentException e) { + return false; + } + } else { + return false; + } + index = url.indexOf('%', index + 1); + } + return true; + } + private static int parseHex(byte b) { if (b >= '0' && b <= '9') return (b - '0'); if (b >= 'A' && b <= 'F') return (b - 'A' + 10); |