Update browser to use new Intent URI expansion.
This changes the browser's URI->intent processing to use the new generic
"intent:" scheme supported by Intent. Doing so allows the user to
provide links to arbitrary intents in a web page. The browser restricts
which intents can actually be execute to those supported by the
BROWSABLE category by adding this to the resulting Intent and making
sure there is no explicit component in the Intent.
With the addition of package-specific Intents, this allows people to
have a link that is guaranteed to launch an activity in their own
package, not allowing others to intercept it.
diff --git a/src/com/android/browser/BrowserActivity.java b/src/com/android/browser/BrowserActivity.java
index e922679..8fb853f 100644
--- a/src/com/android/browser/BrowserActivity.java
+++ b/src/com/android/browser/BrowserActivity.java
@@ -134,6 +134,7 @@
import java.io.InputStream;
import java.net.MalformedURLException;
import java.net.URI;
+import java.net.URISyntaxException;
import java.net.URL;
import java.net.URLEncoder;
import java.text.ParseException;
@@ -3017,16 +3018,26 @@
}
}
- Uri uri;
+ // The "about:" schemes are internal to the browser; don't
+ // want these to be dispatched to other apps.
+ if (url.startsWith("about:")) {
+ return false;
+ }
+
+ Intent intent;
+
+ // perform generic parsing of the URI to turn it into an Intent.
try {
- uri = Uri.parse(url);
- } catch (IllegalArgumentException ex) {
+ intent = Intent.parseUri(url, Intent.URI_INTENT_SCHEME);
+ } catch (URISyntaxException ex) {
+ Log.w("Browser", "Bad URI " + url + ": " + ex.getMessage());
return false;
}
- // check whether other activities want to handle this url
- Intent intent = new Intent(Intent.ACTION_VIEW, uri);
+ // sanitize the Intent, ensuring web pages can not bypass browser
+ // security (only access to BROWSABLE activities).
intent.addCategory(Intent.CATEGORY_BROWSABLE);
+ intent.setComponent(null);
try {
if (startActivityIfNeeded(intent, -1)) {
return true;