From 2d69afcd7c30e6ac86ef0d5519af3d12ca3a6252 Mon Sep 17 00:00:00 2001 From: stevepodell Date: Wed, 4 Apr 2018 15:57:13 -0700 Subject: [PATCH] InAppBrowser.java: New method isURLWhileListed to check for whitelisting. Newtest in shouldOverrideUrlLoading, to allow whitelisted custom schemes like"mycoolapp://" inappbrowser.js: Added "customscheme" channel. --- src/android/InAppBrowser.java | 102 +++++++++++++++------------------- 1 file changed, 45 insertions(+), 57 deletions(-) diff --git a/src/android/InAppBrowser.java b/src/android/InAppBrowser.java index be75d16..e53614d 100644 --- a/src/android/InAppBrowser.java +++ b/src/android/InAppBrowser.java @@ -133,6 +133,7 @@ public class InAppBrowser extends CordovaPlugin { private boolean hideUrlBar = false; private boolean showFooter = false; private String footerColor = ""; + private String[] allowedSchemes; /** * Executes the request and returns PluginResult. @@ -170,10 +171,33 @@ public class InAppBrowser extends CordovaPlugin { Boolean shouldAllowNavigation = null; if (url.startsWith("javascript:")) { shouldAllowNavigation = true; - } else { - shouldAllowNavigation = isURLWhiteListed(url); } - + if (shouldAllowNavigation == null) { + try { + Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class); + shouldAllowNavigation = (Boolean)iuw.invoke(null, url); + } catch (NoSuchMethodException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } catch (IllegalAccessException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } catch (InvocationTargetException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } + } + if (shouldAllowNavigation == null) { + try { + Method gpm = webView.getClass().getMethod("getPluginManager"); + PluginManager pm = (PluginManager)gpm.invoke(webView); + Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class); + shouldAllowNavigation = (Boolean)san.invoke(pm, url); + } catch (NoSuchMethodException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } catch (IllegalAccessException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } catch (InvocationTargetException e) { + LOG.d(LOG_TAG, e.getLocalizedMessage()); + } + } // load in webview if (Boolean.TRUE.equals(shouldAllowNavigation)) { LOG.d(LOG_TAG, "loading in webview"); @@ -279,47 +303,6 @@ public class InAppBrowser extends CordovaPlugin { return true; } - /** - * Is the URL or Scheme WhiteListed - * This code exists for compatibility between 3.x and 4.x versions of Cordova. - * Previously the Config class had a static method, isUrlWhitelisted(). That - * responsibility has been moved to the plugins, with an aggregating method in - * PluginManager. - * - * @param url, the URL as a String - * @return true if WhiteListed, otherwise null or false - */ - private Boolean isURLWhiteListed(String url) { - Boolean shouldAllowNavigation = null; - if (shouldAllowNavigation == null) { - try { - Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class); - shouldAllowNavigation = (Boolean)iuw.invoke(null, url); - } catch (NoSuchMethodException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } catch (IllegalAccessException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } catch (InvocationTargetException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } - } - if (shouldAllowNavigation == null) { - try { - Method gpm = webView.getClass().getMethod("getPluginManager"); - PluginManager pm = (PluginManager)gpm.invoke(webView); - Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class); - shouldAllowNavigation = (Boolean)san.invoke(pm, url); - } catch (NoSuchMethodException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } catch (IllegalAccessException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } catch (InvocationTargetException e) { - LOG.d(LOG_TAG, e.getLocalizedMessage()); - } - } - return shouldAllowNavigation; - } - /** * Called when the view navigates. */ @@ -1129,20 +1112,25 @@ public class InAppBrowser extends CordovaPlugin { } } // Test for whitelisted custom scheme names, less than 20 chars long, like mycoolapp: or twitteroauthresponse: (Twitter Oauth Response) - else if (url.matches("^[a-z]{0,20}://.*?$")) { - if (Boolean.TRUE.equals(isURLWhiteListed(url))) { - try { - LOG.w("STEVE IN InAppBrowser.java, whiteliste url SUCCESS: ", url ); - JSONObject obj = new JSONObject(); - obj.put("type", "customscheme"); - obj.put("url", url); - sendUpdate(obj, true); - return true; - } catch (JSONException ex) { - LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error."); + else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]{0,20}://.*?$")) { + if (allowedSchemes == null) { + String allowed = preferences.getString("AllowedSchemes", ""); + allowedSchemes = allowed.split(","); + } + if (allowedSchemes != null) { + for (String scheme : allowedSchemes) { + if (url.startsWith(scheme)) { + try { + JSONObject obj = new JSONObject(); + obj.put("type", "customscheme"); + obj.put("url", url); + sendUpdate(obj, true); + return true; + } catch (JSONException ex) { + LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error."); + } + } } - } else { - LOG.w("STEVE IN InAppBrowser.java, whitelisted url FAILURE: ", url ); } }