[Autofill Assistant] Changed feedback error message to address potential security issue.

Bug: 806868 Change-Id: Iee8f1ff42f8c76b7553ffce55d51ca5e54afd95b Reviewed-on: https://chromium-review.googlesource.com/c/1340818Reviewed-by: Mathias Carlen <mcarlen@chromium.org> Commit-Queue: Clemens Arbesser <arbesser@google.com> Cr-Commit-Position: refs/heads/master@{#609233}

[Autofill Assistant] Changed feedback error message to address potential security issue.
Bug: 806868 Change-Id: Iee8f1ff42f8c76b7553ffce55d51ca5e54afd95b Reviewed-on: https://chromium-review.googlesource.com/c/1340818Reviewed-by: Mathias Carlen <mcarlen@chromium.org> Commit-Queue: Clemens Arbesser <arbesser@google.com> Cr-Commit-Position: refs/heads/master@{#609233}
0fd2049f · Clemens Arbesser · Commit Bot · d8110958 · 0fd2049f
Commit 0fd2049f authored Nov 19, 2018 by Clemens Arbesser Committed by Commit Bot Nov 19, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

chrome/android/java/src/org/chromium/chrome/browser/autofill_assistant/FeedbackContext.java ...um/chrome/browser/autofill_assistant/FeedbackContext.java +3 -1

No files found.
--- a/chrome/android/java/src/org/chromium/chrome/browser/autofill_assistant/FeedbackContext.java
+++ b/chrome/android/java/src/org/chromium/chrome/browser/autofill_assistant/FeedbackContext.java
@@ -20,7 +20,9 @@ class FeedbackContext extends JSONObject {
            return new FeedbackContext(activity, client, details, statusMessage)
                    .toString(indentSpaces);
        } catch (JSONException e) {
-            return "{\"error\": \"" + e.getMessage() + "\"}";
+            // Note: it is potentially unsafe to return e.getMessage(): the exception message
+            // could be wrangled and used as an attack vector when arriving at the JSON parser.
+            return "{\"error\": \"Failed to convert feedback context to string.\"}";
        }
    }