2021-10-15 10:09:39 +02:00
|
|
|
include::../description.adoc[]
|
|
|
|
|
|
|
|
|
|
include::../ask-yourself.adoc[]
|
|
|
|
|
|
|
|
|
|
include::../recommended.adoc[]
|
|
|
|
|
|
|
|
|
|
== Sensitive Code Example
|
|
|
|
|
|
2023-01-09 15:29:41 +01:00
|
|
|
[source,kotlin]
|
2021-10-15 10:09:39 +02:00
|
|
|
----
|
|
|
|
|
import android.webkit.WebView
|
|
|
|
|
|
|
|
|
|
val webView: WebView = findViewById(R.id.webview)
|
|
|
|
|
webView.getSettings().setAllowContentAccess(true) // Sensitive
|
|
|
|
|
webView.getSettings().setAllowFileAccess(true) // Sensitive
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
== Compliant Solution
|
|
|
|
|
|
2022-02-04 17:28:24 +01:00
|
|
|
[source,kotlin]
|
2021-10-15 10:09:39 +02:00
|
|
|
----
|
|
|
|
|
import android.webkit.WebView
|
|
|
|
|
|
|
|
|
|
val webView: WebView = findViewById(R.id.webview)
|
|
|
|
|
webView.getSettings().setAllowContentAccess(false)
|
|
|
|
|
webView.getSettings().setAllowFileAccess(false)
|
|
|
|
|
----
|
|
|
|
|
|
|
|
|
|
include::../see.adoc[]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
ifdef::env-github,rspecator-view[]
|
|
|
|
|
|
|
|
|
|
'''
|
|
|
|
|
== Implementation Specification
|
|
|
|
|
(visible only on this page)
|
|
|
|
|
|
|
|
|
|
include::../message.adoc[]
|
|
|
|
|
|
|
|
|
|
endif::env-github,rspecator-view[]
|
