HTML escape most visited
Bug: 5471514
Change-Id: Ie3f175cc8ef9fd6e66ee6ced7a0cd383e04458e2
diff --git a/src/com/android/browser/homepages/RequestHandler.java b/src/com/android/browser/homepages/RequestHandler.java
index e0a0eac..defda61 100644
--- a/src/com/android/browser/homepages/RequestHandler.java
+++ b/src/com/android/browser/homepages/RequestHandler.java
@@ -16,6 +16,16 @@
*/
package com.android.browser.homepages;
+import android.content.Context;
+import android.content.UriMatcher;
+import android.content.res.Resources;
+import android.database.Cursor;
+import android.net.Uri;
+import android.provider.Browser;
+import android.text.TextUtils;
+import android.util.Base64;
+import android.util.Log;
+
import com.android.browser.R;
import java.io.IOException;
@@ -24,15 +34,6 @@
import java.util.regex.Matcher;
import java.util.regex.Pattern;
-import android.content.Context;
-import android.content.UriMatcher;
-import android.content.res.Resources;
-import android.database.Cursor;
-import android.net.Uri;
-import android.provider.Browser;
-import android.util.Base64;
-import android.util.Log;
-
public class RequestHandler extends Thread {
private static final String TAG = "RequestHandler";
@@ -79,6 +80,10 @@
}
}
+ byte[] htmlEncode(String s) {
+ return TextUtils.htmlEncode(s).getBytes();
+ }
+
void writeTemplatedIndex() throws IOException {
Template t = Template.getCachedTemplate(mContext, R.raw.most_visited);
Cursor cursor = mContext.getContentResolver().query(Browser.BOOKMARKS_URI,
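Review bot: The new `htmlEncode` helper calls `getBytes()` with no charset, so the bytes written follow the platform default rather than the encoding the page is served with. Naming the charset makes this explicit, for example `return TextUtils.htmlEncode(s).getBytes(Charset.forName("UTF-8"));`, which needs a `java.nio.charset.Charset` import. `TextUtils.htmlEncode` also dereferences its argument, so a null column value would still throw as it did before this change; a guard such as `if (s == null) return new byte[0];` would cover that if the columns can be null, which is not visible here. A short comment on the helper saying it escapes for HTML text and quoted-attribute contexts only would stop later callers from treating it as sufficient for URLs or script contexts.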
@@ -90,9 +95,9 @@
public void writeValue(OutputStream stream, String key) throws IOException {
Cursor cursor = getCursor();
if (key.equals("url")) {
- stream.write(cursor.getString(0).getBytes());
+ stream.write(htmlEncode(cursor.getString(0)));
} else if (key.equals("title")) {
- stream.write(cursor.getString(1).getBytes());
+ stream.write(htmlEncode(cursor.getString(1)));
} else if (key.equals("thumbnail")) {
stream.write("data:image/png;base64,".getBytes());
byte[] thumb = cursor.getBlob(2);
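Review bot: In the `url` branch, `htmlEncode` stops markup and attribute breakout but leaves the URL scheme unconstrained. The `most_visited` template is not shown, but if it places `url` inside an `href`, a stored entry with a script-bearing scheme would still be written out as a live link on this page. Consider checking the scheme against an allow-list of what the page is meant to link to before writing, for example `String scheme = Uri.parse(url).getScheme();` followed by `if (!"http".equalsIgnoreCase(scheme) && !"https".equalsIgnoreCase(scheme)) { /* skip or neutralise the entry */ }`. The `title` branch is used as text, so entity escaping is the right fix there. `writeValue` continues past the end of this hunk, so the `thumbnail` branch could not be reviewed in full.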