hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 17:23:36 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
alexet/avoid-path-node-java
codeql/java/ql/test/query-tests/security/CWE-749/UnsafeAndroidAccess.java
Tony Torralba 1014400a08 Fix test comments
2021-06-17 15:03:45 +02:00

152 lines
4.3 KiB
Java
Raw Permalink Blame History

package com.example.app;
import android.app.Activity;
import android.os.Bundle;
import android.webkit.WebSettings;
import android.webkit.WebView;
import android.webkit.WebViewClient;
// The Activity is implicitly exported because it has an intent-filter.
public class UnsafeAndroidAccess extends Activity {
// Test onCreate with both JavaScript and cross-origin resource access enabled while taking
// remote user inputs from bundle extras
public void testOnCreate1(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
webSettings.setJavaScriptEnabled(true);
webSettings.setAllowFileAccessFromFileURLs(true);
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
String thisUrl = getIntent().getExtras().getString("url");
wv.loadUrl(thisUrl); // $hasUnsafeAndroidAccess
}
// Test onCreate with both JavaScript and cross-origin resource access enabled while taking
// remote user inputs from string extra
public void testOnCreate2(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
webSettings.setJavaScriptEnabled(true);
webSettings.setAllowFileAccessFromFileURLs(true);
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
String thisUrl = getIntent().getStringExtra("url");
wv.loadUrl(thisUrl); // $hasUnsafeAndroidAccess
}
// Test onCreate with both JavaScript and cross-origin resource access disabled by default while
// taking remote user inputs
public void testOnCreate3(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
String thisUrl = getIntent().getStringExtra("url");
wv.loadUrl(thisUrl); // Safe
}
// Test onCreate with JavaScript enabled but cross-origin resource access disabled while taking
// remote user inputs
public void testOnCreate4(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
webSettings.setJavaScriptEnabled(true);
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
String thisUrl = getIntent().getStringExtra("url");
wv.loadUrl(thisUrl); // $hasUnsafeAndroidAccess
}
// Test onCreate with both JavaScript and cross-origin resource access enabled while not taking
// remote user inputs
public void testOnCreate5(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
webSettings.setJavaScriptEnabled(true);
webSettings.setAllowFileAccessFromFileURLs(true);
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
wv.loadUrl("https://www.mycorp.com"); // Safe
}
// Test onCreate with both JavaScript and cross-origin resource access enabled while taking
// remote user inputs and concatenating them to a safe URL.
public void testOnCreate6(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(-1);
WebView wv = (WebView) findViewById(-1);
WebSettings webSettings = wv.getSettings();
webSettings.setJavaScriptEnabled(true);
webSettings.setAllowFileAccessFromFileURLs(true);
wv.setWebViewClient(new WebViewClient() {
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
});
String thisUrl = getIntent().getStringExtra("url");
wv.loadUrl("https://www.mycorp.com/" + thisUrl); // Safe
}
}
Reference in New Issue View Git Blame Copy Permalink