From a3471af5f9533513efd60faab5c8475881fc7c62 Mon Sep 17 00:00:00 2001 From: Steve McKay Date: Thu, 18 Feb 2016 16:08:36 -0800 Subject: [PATCH] Escape title of Operationdialog. Security review feedback. Bug: 27121721 Change-Id: Ibafa07aea7b2f77ca476e4f62bd5e4e556ba49c7 --- .../com/android/documentsui/OperationDialogFragment.java | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/packages/DocumentsUI/src/com/android/documentsui/OperationDialogFragment.java b/packages/DocumentsUI/src/com/android/documentsui/OperationDialogFragment.java index 85cc12b8a97a0..2cef8d31ad1a7 100644 --- a/packages/DocumentsUI/src/com/android/documentsui/OperationDialogFragment.java +++ b/packages/DocumentsUI/src/com/android/documentsui/OperationDialogFragment.java @@ -16,9 +16,6 @@ package com.android.documentsui; -import static com.android.documentsui.services.FileOperationService.OpType; -import static com.android.internal.util.Preconditions.checkArgument; - import android.annotation.IntDef; import android.app.AlertDialog; import android.app.Dialog; @@ -32,13 +29,11 @@ import android.text.Html; import com.android.documentsui.model.DocumentInfo; import com.android.documentsui.model.DocumentStack; import com.android.documentsui.services.FileOperationService; -import com.android.documentsui.services.FileOperations; -import com.android.documentsui.services.Job; +import com.android.documentsui.services.FileOperationService.OpType; import java.lang.annotation.Retention; import java.lang.annotation.RetentionPolicy; import java.util.ArrayList; -import java.util.List; /** * Alert dialog for operation dialogs. @@ -114,7 +109,7 @@ public class OperationDialogFragment extends DialogFragment { final StringBuilder list = new StringBuilder("

"); for (DocumentInfo documentInfo : srcList) { - list.append(String.format("• %s
", documentInfo.displayName)); + list.append(String.format("• %s
", Html.escapeHtml(documentInfo.displayName))); } list.append("

"); builder.setMessage(Html.fromHtml(String.format(messageFormat, list.toString())));