Index: chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java |
diff --git a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java |
index 6b6d07a3fa6620310bc2b4716e1851141934c4e4..dd04647f6cc1399915e6bac02e86c65b7e848eed 100644 |
--- a/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java |
+++ b/chrome/android/java/src/org/chromium/chrome/browser/WebsiteSettingsPopup.java |
@@ -9,6 +9,7 @@ import android.content.Context; |
import android.content.DialogInterface; |
import android.graphics.Color; |
import android.graphics.drawable.ColorDrawable; |
+import android.net.Uri; |
import android.text.Layout; |
import android.text.Spannable; |
import android.text.SpannableStringBuilder; |
@@ -164,6 +165,10 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList |
private static final int MAX_TABLET_DIALOG_WIDTH_DP = 400; |
+ private static final char FIRST_UNICODE_WHITESPACE = '\u2000'; |
+ private static final char FINAL_UNICODE_WHITESPACE = '\u200F'; |
+ private static final char UNICODE_NBSP = '\u00A0'; |
+ |
private final Context mContext; |
private final Profile mProfile; |
private final WebContents mWebContents; |
@@ -289,7 +294,8 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList |
} |
mSecurityLevel = ToolbarModel.getSecurityLevelForWebContents(mWebContents); |
- SpannableStringBuilder urlBuilder = new SpannableStringBuilder(mFullUrl); |
+ String displayUrl = encodeSuspiciousUrl(mFullUrl); |
+ SpannableStringBuilder urlBuilder = new SpannableStringBuilder(displayUrl); |
OmniboxUrlEmphasizer.emphasizeUrl(urlBuilder, mContext.getResources(), mProfile, |
mSecurityLevel, mIsInternalPage, true); |
mUrlTitle.setText(urlBuilder); |
@@ -300,6 +306,25 @@ public class WebsiteSettingsPopup implements OnClickListener, OnItemSelectedList |
} |
/** |
+ * Percent-encodes suspicious Unicode whitespace characters in a URL. |
+ * This only affects the fragment, as all other URL components will already be encoded. |
+ */ |
+ public static String encodeSuspiciousUrl(String urlStr) { |
Ted C
2015/03/25 19:55:38
This name to me implies that the URL is suspicious
tsergeant
2015/03/25 23:44:47
Done.
|
+ StringBuilder urlBuilder = new StringBuilder(); |
+ for (int i = 0; i < urlStr.length(); i++) { |
+ char fragmentChar = urlStr.charAt(i); |
Matt Giuca
2015/03/25 03:23:24
nit: Rename fragmentChar to something else (maybe
tsergeant
2015/03/25 23:44:47
Done.
|
+ if ((fragmentChar >= FIRST_UNICODE_WHITESPACE |
+ && fragmentChar <= FINAL_UNICODE_WHITESPACE) |
+ || fragmentChar == ' ' |
+ || fragmentChar == UNICODE_NBSP) |
Ted C
2015/03/25 19:55:38
braces are required in java unless the statement a
tsergeant
2015/03/25 23:44:47
Done.
|
+ urlBuilder.append(Uri.encode(Character.toString(fragmentChar))); |
+ else |
+ urlBuilder.append(fragmentChar); |
+ } |
+ return urlBuilder.toString(); |
+ } |
+ |
+ /** |
* Sets the visibility of the lower area of the dialog (containing the permissions and 'Site |
* Settings' button). |
* |