From 7dae27186529abd300c43b33bdac16edd72c78d8 Mon Sep 17 00:00:00 2001
From: M66B <M66B@users.noreply.github.com>
Date: Sun, 13 Feb 2022 13:49:18 +0100
Subject: [PATCH] Whitelist AMP CDN

---
 .../main/java/eu/faircode/email/ActivityAMP.java | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/app/src/main/java/eu/faircode/email/ActivityAMP.java b/app/src/main/java/eu/faircode/email/ActivityAMP.java
index 26b4248ebc..3d1d788dbd 100644
--- a/app/src/main/java/eu/faircode/email/ActivityAMP.java
+++ b/app/src/main/java/eu/faircode/email/ActivityAMP.java
@@ -38,6 +38,9 @@ import androidx.preference.PreferenceManager;
 
 import com.google.android.material.snackbar.Snackbar;
 
+import org.jsoup.nodes.Document;
+import org.jsoup.nodes.Element;
+
 import java.io.FileNotFoundException;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
@@ -130,10 +133,21 @@ public class ActivityAMP extends ActivityBase {
                     throw new IllegalArgumentException(context.getString(R.string.title_no_stream));
                 }
 
+                String html;
                 ContentResolver resolver = context.getContentResolver();
                 try (InputStream is = resolver.openInputStream(uri)) {
-                    return Helper.readStream(is);
+                    html = Helper.readStream(is);
                 }
+
+                Document d = JsoupEx.parse(html);
+                for (Element script : d.select("script")) {
+                    String src = script.attr("src");
+                    Uri u = Uri.parse(src);
+                    if (!u.isHierarchical() || !"cdn.ampproject.org".equals(u.getHost()))
+                        script.removeAttr("src");
+                }
+
+                return d.html();
             }
 
             @Override