52 lines
1.5 KiB
Plaintext
52 lines
1.5 KiB
Plaintext
|
=== How to fix it in Android
|
||
|
|
|
||
|
|
include::../../common/fix/code-rationale.adoc[]
|
||
|
|
|
||
|
|
==== Noncompliant code example
|
||
|
|
|
||
|
|
[source,java,diff-id=1,diff-type=noncompliant]
|
||
|
|
----
|
||
|
|
public class Noncompliant extends AppCompatActivity {
|
||
|
|
@Override
|
||
|
|
protected void onCreate(Bundle savedInstanceState) {
|
||
|
|
Intent intent = getIntent();
|
||
|
|
Intent forward = (Intent) intent.getParcelableExtra("anotherintent");
|
||
|
|
startActivity(forward); // Noncompliant
|
||
|
|
}
|
||
|
|
}
|
||
|
|
----
|
||
|
|
|
||
|
|
==== Compliant solution
|
||
|
|
|
||
|
|
[source,java,diff-id=1,diff-type=compliant]
|
||
|
|
----
|
||
|
|
public class MainActivity extends AppCompatActivity {
|
||
|
|
@Override
|
||
|
|
protected void onCreate(Bundle savedInstanceState) {
|
||
|
|
super.onCreate(savedInstanceState);
|
||
|
|
|
||
|
|
Intent intent = getIntent();
|
||
|
|
Intent forward = (Intent) intent.getParcelableExtra("anotherintent");
|
||
|
|
|
||
|
|
ComponentName name = forward.resolveActivity(getPackageManager());
|
||
|
|
if (name.getPackageName().equals("safePackage") &&
|
||
|
|
name.getClassName().equals("safeClass")) {
|
||
|
|
startActivity(forward);
|
||
|
|
}
|
||
|
|
}
|
||
|
|
}
|
||
|
|
----
|
||
|
|
|
||
|
|
=== How does this work?
|
||
|
|
|
||
|
|
include::../../common/fix/introduction.adoc[]
|
||
|
|
|
||
|
|
include::../../common/fix/destination.adoc[]
|
||
|
|
|
||
|
|
The example compliant code uses the `resolveActivity` method of the inner intent
|
||
|
|
to determine its target component. It then uses the `getPackageName` and
|
||
|
|
`getClassName` methods to validate this destination is not sensitive.
|
||
|
|
|
||
|
|
include::../../common/fix/origin.adoc[]
|
||
|
|
|
||
|
|
include::../../common/fix/permissions.adoc[]
|