summaryrefslogtreecommitdiff
path: root/src/com/android/settings/development/transcode/TranscodeDisableCachePreferenceController.java
diff options
context:
space:
mode:
authorTsung-Mao Fang <tmfang@google.com>2021-04-14 15:51:37 +0800
committerTsung-Mao Fang <tmfang@google.com>2021-04-14 15:51:37 +0800
commit0bf3c98b2f325f70d5492a7c7ade16951a802600 (patch)
treef0163434474f6b4d3998f91b20350e9993a37b43 /src/com/android/settings/development/transcode/TranscodeDisableCachePreferenceController.java
parent8d8877b6db630f1bd717963dece4e43e75900abb (diff)
Prevent HTML Injection on the Device Admin request screen
The root issue is that CharSequence is an interface. String implements that interface, however, Spanned class too which is a rich text format that can store HTML code. The solution is enforce to use String type which won't include any HTML function. Test: Rebuilt apk and see the string without HTML style. Bug: 179042963 Change-Id: I53b460b12da918e022d2f2934f114d205dbaadb0
Diffstat (limited to 'src/com/android/settings/development/transcode/TranscodeDisableCachePreferenceController.java')
0 files changed, 0 insertions, 0 deletions
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-05 00:25:14 +0000