SkewedZeppelin/RedReader-Harden_WebView.patch

## RedReader-Harden_WebView.patch
From b5470ae54c54db482a07db1e888fcf01edf48bf0 Mon Sep 17 00:00:00 2001
From: Tad <tad@spotco.us>
Date: Mon, 29 Aug 2016 06:04:30 -0400
Subject: [PATCH] Harden webview

---
 .../quantumbadger/redreader/fragments/WebViewFragment.java   | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java b/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
index 1e02e40..93e1da0 100644
--- a/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
+++ b/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
@@ -137,11 +137,17 @@ public class WebViewFragment extends Fragment implements RedditPostView.PostSele
 		final WebSettings settings = webView.getSettings();

 		settings.setBuiltInZoomControls(true);
-		settings.setJavaScriptEnabled(true);
-		settings.setJavaScriptCanOpenWindowsAutomatically(false);
 		settings.setUseWideViewPort(true);
 		settings.setLoadWithOverviewMode(true);
-		settings.setDomStorageEnabled(true);
+		settings.setJavaScriptEnabled(false);
+		settings.setJavaScriptCanOpenWindowsAutomatically(false);
+		settings.setAllowFileAccess(false);
+		settings.setAppCacheEnabled(false);
+		settings.setDatabaseEnabled(false);
+		settings.setDomStorageEnabled(false);
+		settings.setGeolocationEnabled(false);
+		settings.setSaveFormData(false);
+		settings.setUserAgentString("Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Mobile/10A5376e");

 		if (AndroidApi.isHoneyCombOrLater()) {
 			settings.setDisplayZoomControls(false);
--
2.9.3
	From b5470ae54c54db482a07db1e888fcf01edf48bf0 Mon Sep 17 00:00:00 2001
	From: Tad <tad@spotco.us>
	Date: Mon, 29 Aug 2016 06:04:30 -0400
	Subject: [PATCH] Harden webview

	---
	.../quantumbadger/redreader/fragments/WebViewFragment.java \| 12 +++++++++---
	1 file changed, 9 insertions(+), 3 deletions(-)

	diff --git a/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java b/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
	index 1e02e40..93e1da0 100644
	--- a/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
	+++ b/src/main/java/org/quantumbadger/redreader/fragments/WebViewFragment.java
	@@ -137,11 +137,17 @@ public class WebViewFragment extends Fragment implements RedditPostView.PostSele
	final WebSettings settings = webView.getSettings();

	settings.setBuiltInZoomControls(true);
	- settings.setJavaScriptEnabled(true);
	- settings.setJavaScriptCanOpenWindowsAutomatically(false);
	settings.setUseWideViewPort(true);
	settings.setLoadWithOverviewMode(true);
	- settings.setDomStorageEnabled(true);
	+ settings.setJavaScriptEnabled(false);
	+ settings.setJavaScriptCanOpenWindowsAutomatically(false);
	+ settings.setAllowFileAccess(false);
	+ settings.setAppCacheEnabled(false);
	+ settings.setDatabaseEnabled(false);
	+ settings.setDomStorageEnabled(false);
	+ settings.setGeolocationEnabled(false);
	+ settings.setSaveFormData(false);
	+ settings.setUserAgentString("Mozilla/5.0 (iPhone; CPU iPhone OS 6_0 like Mac OS X) AppleWebKit/536.26 (KHTML, like Gecko) Mobile/10A5376e");

	if (AndroidApi.isHoneyCombOrLater()) {
	settings.setDisplayZoomControls(false);
	--
	2.9.3