public/cordova-android
public/cordova-android
9
0
Fork 0
forked from github/cordova-android
Code Pull Requests Activity

CB-7758: Allow content-url-hosted pages to access the bridge

Browse Source 
This allows e.g. jsHybugger to create pages with access to Cordova APIs.
We restrict access to content provider URLs which are at subdomains of the application itself, ie, begin with "content://com.your.package.id."
This commit is contained in:
Ian Clelland 2014-10-27 15:26:38 -04:00
parent 832e626573
commit fc63f66e89
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
framework/src/org/apache/cordova/CordovaBridge.java
View File

@ -37,10 +37,12 @@ public class CordovaBridge {
private NativeToJsMessageQueue jsMessageQueue; private NativeToJsMessageQueue jsMessageQueue;
private volatile int expectedBridgeSecret = -1; // written by UI thread, read by JS thread. private volatile int expectedBridgeSecret = -1; // written by UI thread, read by JS thread.
private String loadedUrl; private String loadedUrl;
private String appContentUrlPrefix;
public CordovaBridge(PluginManager pluginManager, NativeToJsMessageQueue jsMessageQueue) { public CordovaBridge(PluginManager pluginManager, NativeToJsMessageQueue jsMessageQueue, String packageName) {
this.pluginManager = pluginManager; this.pluginManager = pluginManager;
this.jsMessageQueue = jsMessageQueue; this.jsMessageQueue = jsMessageQueue;
this.appContentUrlPrefix = "content://" + packageName + ".";
} }
public String jsExec(int bridgeSecret, String service, String action, String callbackId, String arguments) throws JSONException, IllegalAccessException { public String jsExec(int bridgeSecret, String service, String action, String callbackId, String arguments) throws JSONException, IllegalAccessException {
@ -165,7 +167,9 @@ public class CordovaBridge {
// Protect against random iframes being able to talk through the bridge. // Protect against random iframes being able to talk through the bridge.
// Trust only file URLs and the start URL's domain. // Trust only file URLs and the start URL's domain.
// The extra origin.startsWith("http") is to protect against iframes with data: having "" as origin. // The extra origin.startsWith("http") is to protect against iframes with data: having "" as origin.
if (origin.startsWith("file:") || (origin.startsWith("http") && loadedUrl.startsWith(origin))) { if (origin.startsWith("file:") ||
origin.startsWith(this.appContentUrlPrefix) ||
(origin.startsWith("http") && loadedUrl.startsWith(origin))) {
// Enable the bridge // Enable the bridge
int bridgeMode = Integer.parseInt(defaultValue.substring(9)); int bridgeMode = Integer.parseInt(defaultValue.substring(9));
jsMessageQueue.setBridgeMode(bridgeMode); jsMessageQueue.setBridgeMode(bridgeMode);

2
framework/src/org/apache/cordova/CordovaWebView.java
View File

@ -152,7 +152,7 @@ public class CordovaWebView extends WebView {
super.setWebViewClient(webViewClient); super.setWebViewClient(webViewClient);
pluginManager = new PluginManager(this, this.cordova, pluginEntries); pluginManager = new PluginManager(this, this.cordova, pluginEntries);
bridge = new CordovaBridge(pluginManager, new NativeToJsMessageQueue(this, cordova)); bridge = new CordovaBridge(pluginManager, new NativeToJsMessageQueue(this, cordova), this.cordova.getActivity().getPackageName());
resourceApi = new CordovaResourceApi(this.getContext(), pluginManager); resourceApi = new CordovaResourceApi(this.getContext(), pluginManager);
pluginManager.addService("App", "org.apache.cordova.App"); pluginManager.addService("App", "org.apache.cordova.App");