InAppBrowser.java: New method isURLWhileListed to check for whitelisting.
Newtest in shouldOverrideUrlLoading, to allow whitelisted custom schemes like"mycoolapp://" inappbrowser.js: Added "customscheme" channel.
This commit is contained in:
stevepodell
parent
a6c7b54998
commit
2d69afcd7c
@ -133,6 +133,7 @@ public class InAppBrowser extends CordovaPlugin {
|
||||
private boolean hideUrlBar = false;
|
||||
private boolean showFooter = false;
|
||||
private String footerColor = "";
|
||||
private String[] allowedSchemes;
|
||||
|
||||
/**
|
||||
* Executes the request and returns PluginResult.
|
||||
@ -170,10 +171,33 @@ public class InAppBrowser extends CordovaPlugin {
|
||||
Boolean shouldAllowNavigation = null;
|
||||
if (url.startsWith("javascript:")) {
|
||||
shouldAllowNavigation = true;
|
||||
} else {
|
||||
shouldAllowNavigation = isURLWhiteListed(url);
|
||||
}
|
||||
|
||||
if (shouldAllowNavigation == null) {
|
||||
try {
|
||||
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
|
||||
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
|
||||
} catch (NoSuchMethodException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (IllegalAccessException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (InvocationTargetException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
}
|
||||
}
|
||||
if (shouldAllowNavigation == null) {
|
||||
try {
|
||||
Method gpm = webView.getClass().getMethod("getPluginManager");
|
||||
PluginManager pm = (PluginManager)gpm.invoke(webView);
|
||||
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
|
||||
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
|
||||
} catch (NoSuchMethodException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (IllegalAccessException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (InvocationTargetException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
}
|
||||
}
|
||||
// load in webview
|
||||
if (Boolean.TRUE.equals(shouldAllowNavigation)) {
|
||||
LOG.d(LOG_TAG, "loading in webview");
|
||||
@ -279,47 +303,6 @@ public class InAppBrowser extends CordovaPlugin {
|
||||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* Is the URL or Scheme WhiteListed
|
||||
* This code exists for compatibility between 3.x and 4.x versions of Cordova.
|
||||
* Previously the Config class had a static method, isUrlWhitelisted(). That
|
||||
* responsibility has been moved to the plugins, with an aggregating method in
|
||||
* PluginManager.
|
||||
*
|
||||
* @param url, the URL as a String
|
||||
* @return true if WhiteListed, otherwise null or false
|
||||
*/
|
||||
private Boolean isURLWhiteListed(String url) {
|
||||
Boolean shouldAllowNavigation = null;
|
||||
if (shouldAllowNavigation == null) {
|
||||
try {
|
||||
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
|
||||
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
|
||||
} catch (NoSuchMethodException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (IllegalAccessException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (InvocationTargetException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
}
|
||||
}
|
||||
if (shouldAllowNavigation == null) {
|
||||
try {
|
||||
Method gpm = webView.getClass().getMethod("getPluginManager");
|
||||
PluginManager pm = (PluginManager)gpm.invoke(webView);
|
||||
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
|
||||
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
|
||||
} catch (NoSuchMethodException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (IllegalAccessException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
} catch (InvocationTargetException e) {
|
||||
LOG.d(LOG_TAG, e.getLocalizedMessage());
|
||||
}
|
||||
}
|
||||
return shouldAllowNavigation;
|
||||
}
|
||||
|
||||
/**
|
||||
* Called when the view navigates.
|
||||
*/
|
||||
@ -1129,10 +1112,15 @@ public class InAppBrowser extends CordovaPlugin {
|
||||
}
|
||||
}
|
||||
// Test for whitelisted custom scheme names, less than 20 chars long, like mycoolapp: or twitteroauthresponse: (Twitter Oauth Response)
|
||||
else if (url.matches("^[a-z]{0,20}://.*?$")) {
|
||||
if (Boolean.TRUE.equals(isURLWhiteListed(url))) {
|
||||
else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]{0,20}://.*?$")) {
|
||||
if (allowedSchemes == null) {
|
||||
String allowed = preferences.getString("AllowedSchemes", "");
|
||||
allowedSchemes = allowed.split(",");
|
||||
}
|
||||
if (allowedSchemes != null) {
|
||||
for (String scheme : allowedSchemes) {
|
||||
if (url.startsWith(scheme)) {
|
||||
try {
|
||||
LOG.w("STEVE IN InAppBrowser.java, whiteliste url SUCCESS: ", url );
|
||||
JSONObject obj = new JSONObject();
|
||||
obj.put("type", "customscheme");
|
||||
obj.put("url", url);
|
||||
@ -1141,8 +1129,8 @@ public class InAppBrowser extends CordovaPlugin {
|
||||
} catch (JSONException ex) {
|
||||
LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error.");
|
||||
}
|
||||
} else {
|
||||
LOG.w("STEVE IN InAppBrowser.java, whitelisted url FAILURE: ", url );
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user