diff --git a/app/src/main/java/eu/faircode/email/ActivityAMP.java b/app/src/main/java/eu/faircode/email/ActivityAMP.java index d5abdacc96..c2775c869d 100644 --- a/app/src/main/java/eu/faircode/email/ActivityAMP.java +++ b/app/src/main/java/eu/faircode/email/ActivityAMP.java @@ -44,12 +44,20 @@ import org.jsoup.nodes.Element; import java.io.FileNotFoundException; import java.io.InputStream; import java.nio.charset.StandardCharsets; +import java.util.Arrays; +import java.util.Collections; +import java.util.List; +import java.util.Locale; public class ActivityAMP extends ActivityBase { private WebView wvAmp; private ContentLoadingProgressBar pbWait; private Group grpReady; + private static final List ALLOWED_SCRIPT_HOSTS = Collections.unmodifiableList(Arrays.asList( + "cdn.ampproject.org" + )); + @Override protected void onCreate(Bundle savedInstanceState) { super.onCreate(savedInstanceState); @@ -145,7 +153,8 @@ public class ActivityAMP extends ActivityBase { for (Element script : d.select("script")) { String src = script.attr("src"); Uri u = Uri.parse(src); - if (!u.isHierarchical() || !"cdn.ampproject.org".equals(u.getHost())) + String host = (u.isHierarchical() ? u.getHost() : null); + if (host == null || !ALLOWED_SCRIPT_HOSTS.contains(host.toLowerCase(Locale.ROOT))) script.removeAttr("src"); } diff --git a/app/src/main/java/eu/faircode/email/Helper.java b/app/src/main/java/eu/faircode/email/Helper.java index c5318f8df0..ab64d9172f 100644 --- a/app/src/main/java/eu/faircode/email/Helper.java +++ b/app/src/main/java/eu/faircode/email/Helper.java @@ -689,7 +689,8 @@ public class Helper { if (!("message/rfc822".equals(type) || "message/delivery-status".equals(type) || "message/disposition-notification".equals(type) || - "text/rfc822-headers".equals(type))) + "text/rfc822-headers".equals(type) || + "text/x-amp-html".equals(type))) intent.addFlags(Intent.FLAG_ACTIVITY_NEW_TASK | Intent.FLAG_ACTIVITY_CLEAR_TASK); if (!TextUtils.isEmpty(name))