From fef654fffc4783f71f94600597e2fb69249eeb35 Mon Sep 17 00:00:00 2001
From: Chen Xu <fionaxu@google.com>
Date: Fri, 24 Apr 2020 12:26:04 -0700
Subject: [PATCH] Fix WebView vulnerability by disallowing file access

Fix webvuew vulnerability inside captiveportal activity by disallowing
access private file in app's sandbox.

Bug: 150610071
Test: Build
Change-Id: I67e695478476b6ee9cf21ed41213f25441d9776a
---
 .../android/carrierdefaultapp/CaptivePortalLoginActivity.java    | 1 +
 1 file changed, 1 insertion(+)

diff --git a/packages/CarrierDefaultApp/src/com/android/carrierdefaultapp/CaptivePortalLoginActivity.java b/packages/CarrierDefaultApp/src/com/android/carrierdefaultapp/CaptivePortalLoginActivity.java
index 50542818e0d74..6fab9e4641b65 100644
--- a/packages/CarrierDefaultApp/src/com/android/carrierdefaultapp/CaptivePortalLoginActivity.java
+++ b/packages/CarrierDefaultApp/src/com/android/carrierdefaultapp/CaptivePortalLoginActivity.java
@@ -106,6 +106,7 @@ public class CaptivePortalLoginActivity extends Activity {
         webSettings.setSupportZoom(true);
         webSettings.setBuiltInZoomControls(true);
         webSettings.setDomStorageEnabled(true);
+        webSettings.setAllowFileAccess(false);
         mWebViewClient = new MyWebViewClient();
         mWebView.setWebViewClient(mWebViewClient);
         mWebView.setWebChromeClient(new MyWebChromeClient());