PawletOS/app_Settings
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "Fix pendingIntent in SettingsSliceProvider could be Hijacked" into qt-qpr1-dev

Browse Source
This commit is contained in:
TreeHugger Robot
2020-03-20 02:51:54 +00:00
committed by Android (Google) Code Review
parent bd8bbca27c 91399607fe
commit 3c137d807d
2 changed files with 7 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/com/android/settings/slices/SettingsSliceProvider.java
View File

@@ -42,6 +42,7 @@ import androidx.slice.Slice;
import androidx.slice.SliceProvider;
import com.android.settings.R;
import com.android.settings.Utils;
import com.android.settings.bluetooth.BluetoothSliceBuilder;
import com.android.settings.core.BasePreferenceController;
import com.android.settings.notification.ZenModeSliceBuilder;
@@ -303,7 +304,8 @@ public class SettingsSliceProvider extends SliceProvider {
@Override
public PendingIntent onCreatePermissionRequest(@NonNull Uri sliceUri,
@NonNull String callingPackage) {
final Intent settingsIntent = new Intent(Settings.ACTION_SETTINGS);
final Intent settingsIntent = new Intent(Settings.ACTION_SETTINGS)
.setPackage(Utils.SETTINGS_PACKAGE_NAME);
final PendingIntent noOpIntent = PendingIntent.getActivity(getContext(),
0 /* requestCode */, settingsIntent, 0 /* flags */);
return noOpIntent;

5
tests/robotests/src/com/android/settings/slices/SettingsSliceProviderTest.java
View File

@@ -50,6 +50,7 @@ import androidx.slice.SliceProvider;
import androidx.slice.widget.SliceLiveData;
import com.android.settings.R;
import com.android.settings.Utils;
import com.android.settings.testutils.DatabaseTestUtils;
import com.android.settings.testutils.FakeToggleController;
import com.android.settings.testutils.shadow.ShadowBluetoothAdapter;
@@ -450,8 +451,10 @@ public class SettingsSliceProviderTest {
public void onCreatePermissionRequest_returnsSettingIntent() {
final PendingIntent pendingIntent = mProvider.onCreatePermissionRequest(
CustomSliceRegistry.FLASHLIGHT_SLICE_URI, "com.android.whaaaat");
final Intent settingsIntent = new Intent(Settings.ACTION_SETTINGS)
.setPackage(Utils.SETTINGS_PACKAGE_NAME);
PendingIntent settingsPendingIntent =
PendingIntent.getActivity(mContext, 0, new Intent(Settings.ACTION_SETTINGS), 0);
PendingIntent.getActivity(mContext, 0, settingsIntent, 0);
assertThat(pendingIntent).isEqualTo(settingsPendingIntent);
}