PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

am 549a39b4: DO NOT MERGE HTML injection fix for bluetooth pairing, issue 65946

Browse Source 
* commit '549a39b49510dad27da588714f848dc891913239':
  DO NOT MERGE HTML injection fix for bluetooth pairing, issue 65946
This commit is contained in:
Rob Fletcher
2014-03-06 21:59:31 +00:00
committed by Android Git Automerger
parent 63a354ee09 549a39b495
commit 04f3698345
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/com/android/settings/bluetooth/BluetoothPairingDialog.java
View File

@@ -207,8 +207,8 @@ public final class BluetoothPairingDialog extends AlertActivity implements
return null;
}
// Format the message string, then parse HTML style tags
String messageText = getString(messageId1, deviceName);
// HTML escape deviceName, Format the message string, then parse HTML style tags
String messageText = getString(messageId1, Html.escapeHtml(deviceName));
messageView.setText(Html.fromHtml(messageText));
messageView2.setText(messageId2);
mPairingView.setInputType(InputType.TYPE_CLASS_NUMBER);
@@ -220,7 +220,8 @@ public final class BluetoothPairingDialog extends AlertActivity implements
private View createView(CachedBluetoothDeviceManager deviceManager) {
View view = getLayoutInflater().inflate(R.layout.bluetooth_pin_confirm, null);
String name = deviceManager.getName(mDevice);
// Escape device name to avoid HTML injection.
String name = Html.escapeHtml(deviceManager.getName(mDevice));
TextView messageView = (TextView) view.findViewById(R.id.message);
String messageText; // formatted string containing HTML style tags