Require that verified intent filters only have http/https <data> decls (413020a6) · Commits · Android-smartphones / realme / realme 5pro / kaderbava / evolution_frameworks_base

Commit 413020a6 authored Jun 23, 2015 by Christopher Tate

Require that verified intent filters only have http/https <data> decls

It is malformed to write a single intent filter like this:

  <intent-filter android:autoVerify="true">
    <data android:host="foo.example"
          android:path="/"
          android:scheme="http" />
    <data android:host="*"
          android:path="/custom"
          android:scheme="fooexamplecustomscheme" />
  </intent-filter>

In practice this app is accidentally defining a filter that will match
"http://*".  This is now detected, and will never be auto-verified for
any of the mentioned domains.

Verified intent filters must *only* handle the http & https schemes.

Bug 21920537

Change-Id: I933cddbea23185d242565cac940e1e7a7e4e289b

parent d4e9e0e1

Hide whitespace changes

Inline Side-by-side

Please register or to comment