| author | Adam Vartanian <flooey@google.com> | 2017-11-07 12:22:23 +0000 |
|---|---|---|
| committer | Adam Vartanian <flooey@google.com> | 2017-11-07 15:51:53 +0000 |
| commit | cd6228dd377b2a0caa02a1e6df92f3d9ae702a95 (patch) | |
| tree | eade1289634b842cc24182591ac4e997d1bf1ae3 /core/java | |
| parent | ca7ffa06bc0304eaea942d77e3db60af77bcd2ad (diff) | |
Adjust Uri host parsing to use last instead of first @.
Malformed authority segments can currently cause the parser to produce
a hostname that doesn't match the hostname produced by the WHATWG URL
parsing algorithm* used by browsers, which means that a URL could be seen
as having a "safe" host when checked by an Android app but actually visit
a different host when passed to a browser. The WHATWG URL parsing
algorithm always produces a hostname based on the last @ in the authority
segment, so we do the same.
* https://url.spec.whatwg.org/#authority-state resets the "buffer", which
is being used to build up the host name, each time an @ is found, so it
has the effect of using the content between the final @ and the end
of the authority section as the hostname.
Bug: 68341964
Test: vogar android.net.UriTest (on NYC branch)
Test: cts -m CtsNetTestCases (on NYC branch)
Change-Id: Idca79f35a886de042c94d6ab66787c2e98ac8376
Diffstat (limited to 'core/java')
| -rw-r--r-- | core/java/android/net/Uri.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/core/java/android/net/Uri.java b/core/java/android/net/Uri.java
index 2099c3f9b02f..0f9c03ecb9ca 100644
--- a/core/java/android/net/Uri.java
+++ b/core/java/android/net/Uri.java
@@ -1060,7 +1060,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
 return null;
 }
- int end = authority.indexOf('@');
+ int end = authority.lastIndexOf('@');
 return end == NOT_FOUND ? null : authority.substring(0, end);
 }
@@ -1084,7 +1084,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
 }
 // Parse out user info and then port.
- int userInfoSeparator = authority.indexOf('@');
+ int userInfoSeparator = authority.lastIndexOf('@');
 int portSeparator = authority.indexOf(':', userInfoSeparator);
 String encodedHost = portSeparator == NOT_FOUND
@@ -1110,7 +1110,7 @@ public abstract class Uri implements Parcelable, Comparable<Uri> {
 // Make sure we look for the port separtor *after* the user info
 // separator. We have URLs with a ':' in the user info.
- int userInfoSeparator = authority.indexOf('@');
+ int userInfoSeparator = authority.lastIndexOf('@');
 int portSeparator = authority.indexOf(':', userInfoSeparator);
 if (portSeparator == NOT_FOUND) { |
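Review bot: The new `lastIndexOf('@')` line in the first hunk (@@ -1060) has no comment, so the security reason for choosing the last separator exists only in the commit message and a later cleanup could quietly turn it back into `indexOf`. I would add above the changed line `// Split on the LAST '@' so the host matches what a WHATWG URL parser (browser) derives; the first '@' can name a different host.` The same comment fits the changed lines at @@ -1084 and @@ -1110, whose existing comments only cover the ordering of user info and port. The enclosing methods start outside the hunks, so their names are not visible here.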
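Review bot: In the hunk at @@ -1084 the port separator is still the first ':' after the last '@' (`authority.indexOf(':', userInfoSeparator)`), so a host written as a bracketed IPv6 literal would presumably be cut at its first colon and again differ from the host a WHATWG parser reports; the hunk at @@ -1110 uses the same search. If that is in scope for this fix, the search should skip a leading `[...]` group, or scan for ':' from the end and accept it only when digits alone follow. Both methods continue past the hunks, so this is inferred from the visible lines and worth pinning with a UriTest case that checks host and port for such authorities. The context comment in the third hunk also misspells "separator" as "separtor".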
