github/apache-cordova-plugin-inappbrowser
github/apache-cordova-plugin-inappbrowser
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

InAppBrowser.java: New method isURLWhileListed to check for whitelisting.

Browse Source 
Newtest in shouldOverrideUrlLoading, to allow whitelisted custom schemes
like"mycoolapp://"

inappbrowser.js: Added "customscheme" channel.
This commit is contained in:
stevepodell 2018-04-04 15:57:13 -07:00
parent a6c7b54998
commit 2d69afcd7c
1 changed files with 45 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

86
src/android/InAppBrowser.java
View File

@ -133,6 +133,7 @@ public class InAppBrowser extends CordovaPlugin {
private boolean hideUrlBar = false; private boolean hideUrlBar = false;
private boolean showFooter = false; private boolean showFooter = false;
private String footerColor = ""; private String footerColor = "";
private String[] allowedSchemes;
/** /**
* Executes the request and returns PluginResult. * Executes the request and returns PluginResult.
@ -170,10 +171,33 @@ public class InAppBrowser extends CordovaPlugin {
Boolean shouldAllowNavigation = null; Boolean shouldAllowNavigation = null;
if (url.startsWith("javascript:")) { if (url.startsWith("javascript:")) {
shouldAllowNavigation = true; shouldAllowNavigation = true;
} else {
shouldAllowNavigation = isURLWhiteListed(url);
} }
if (shouldAllowNavigation == null) {
try {
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
} catch (NoSuchMethodException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (IllegalAccessException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (InvocationTargetException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
}
}
if (shouldAllowNavigation == null) {
try {
Method gpm = webView.getClass().getMethod("getPluginManager");
PluginManager pm = (PluginManager)gpm.invoke(webView);
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
} catch (NoSuchMethodException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (IllegalAccessException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (InvocationTargetException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
}
}
// load in webview // load in webview
if (Boolean.TRUE.equals(shouldAllowNavigation)) { if (Boolean.TRUE.equals(shouldAllowNavigation)) {
LOG.d(LOG_TAG, "loading in webview"); LOG.d(LOG_TAG, "loading in webview");
@ -279,47 +303,6 @@ public class InAppBrowser extends CordovaPlugin {
return true; return true;
} }
/**
* Is the URL or Scheme WhiteListed
* This code exists for compatibility between 3.x and 4.x versions of Cordova.
* Previously the Config class had a static method, isUrlWhitelisted(). That
* responsibility has been moved to the plugins, with an aggregating method in
* PluginManager.
*
* @param url, the URL as a String
* @return true if WhiteListed, otherwise null or false
*/
private Boolean isURLWhiteListed(String url) {
Boolean shouldAllowNavigation = null;
if (shouldAllowNavigation == null) {
try {
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
} catch (NoSuchMethodException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (IllegalAccessException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (InvocationTargetException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
}
}
if (shouldAllowNavigation == null) {
try {
Method gpm = webView.getClass().getMethod("getPluginManager");
PluginManager pm = (PluginManager)gpm.invoke(webView);
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
} catch (NoSuchMethodException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (IllegalAccessException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
} catch (InvocationTargetException e) {
LOG.d(LOG_TAG, e.getLocalizedMessage());
}
}
return shouldAllowNavigation;
}
/** /**
* Called when the view navigates. * Called when the view navigates.
*/ */
@ -1129,10 +1112,15 @@ public class InAppBrowser extends CordovaPlugin {
} }
} }
// Test for whitelisted custom scheme names, less than 20 chars long, like mycoolapp: or twitteroauthresponse: (Twitter Oauth Response) // Test for whitelisted custom scheme names, less than 20 chars long, like mycoolapp: or twitteroauthresponse: (Twitter Oauth Response)
else if (url.matches("^[a-z]{0,20}://.*?$")) { else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]{0,20}://.*?$")) {
if (Boolean.TRUE.equals(isURLWhiteListed(url))) { if (allowedSchemes == null) {
String allowed = preferences.getString("AllowedSchemes", "");
allowedSchemes = allowed.split(",");
}
if (allowedSchemes != null) {
for (String scheme : allowedSchemes) {
if (url.startsWith(scheme)) {
try { try {
LOG.w("STEVE IN InAppBrowser.java, whiteliste url SUCCESS: ", url );
JSONObject obj = new JSONObject(); JSONObject obj = new JSONObject();
obj.put("type", "customscheme"); obj.put("type", "customscheme");
obj.put("url", url); obj.put("url", url);
@ -1141,8 +1129,8 @@ public class InAppBrowser extends CordovaPlugin {
} catch (JSONException ex) { } catch (JSONException ex) {
LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error."); LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error.");
} }
} else { }
LOG.w("STEVE IN InAppBrowser.java, whitelisted url FAILURE: ", url ); }
} }
} }