File tree Expand file tree Collapse file tree 1 file changed +15
-15
lines changed
java/ql/src/experimental/CWE-939 Expand file tree Collapse file tree 1 file changed +15
-15
lines changed Original file line number Diff line number Diff line change 11public boolean shouldOverrideUrlLoading (WebView view , String url ) {
2- {
3- Uri uri = Uri .parse (url );
4- // BAD: partial domain match, which allows an attacker to register a domain like myexample.com to circumvent the verification
5- if (uri .getHost () != null && uri .getHost ().endsWith ("example.com" )) {
6- return false ;
7- }
8- }
2+ {
3+ Uri uri = Uri .parse (url );
4+ // BAD: partial domain match, which allows an attacker to register a domain like myexample.com to circumvent the verification
5+ if (uri .getHost () != null && uri .getHost ().endsWith ("example.com" )) {
6+ return false ;
7+ }
8+ }
99
10- {
11- Uri uri = Uri .parse (url );
12- // GOOD: full domain match
13- if (uri .getHost () != null && uri .getHost ().endsWith (".example.com" )) {
14- return false ;
15- }
16- }
17- }
10+ {
11+ Uri uri = Uri .parse (url );
12+ // GOOD: full domain match
13+ if (uri .getHost () != null && uri .getHost ().endsWith (".example.com" )) {
14+ return false ;
15+ }
16+ }
17+ }
You can’t perform that action at this time.
0 commit comments