vrr/openclaw
2
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-19 16:25:50 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 18

fix(android): harden canvas webview bridge (#73240)

Browse source 
* fix(android): harden canvas webview bridge

* fix(android): make canvas content access hardening explicit

* fix(android): keep webview hardening inline for CodeQL

* fix(android): avoid webview getter false positive
This commit is contained in:
Vincent Koc 2026-04-27 21:41:01 -07:00 committed by GitHub
parent 52daf5fbd3
commit 2bce63cb65
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 131 additions and 95 deletions
Download patch file Download diff file Expand all files Collapse all files

5
.github/codeql/codeql-android-critical-security.yml vendored
View file

@ -5,6 +5,11 @@ disable-default-queries: true
queries:
- uses: security-extended
query-filters:
# Android canvas intentionally runs trusted A2UI JavaScript; keep this profile focused on exploitable WebView edges.
- exclude:
id: java/android/websettings-javascript-enabled
paths:
- apps/android/app/src/main