Skip to content

Commit 2d69afc

Browse files
SailingSteveSailingSteve
committed
InAppBrowser.java: New method isURLWhileListed to check for whitelisting.
Newtest in shouldOverrideUrlLoading, to allow whitelisted custom schemes like"mycoolapp://" inappbrowser.js: Added "customscheme" channel.
1 parent a6c7b54 commit 2d69afc

File tree

1 file changed

+45
-57
lines changed

1 file changed

+45
-57
lines changed

src/android/InAppBrowser.java

Lines changed: 45 additions & 57 deletions
Original file line numberDiff line numberDiff line change
@@ -133,6 +133,7 @@ public class InAppBrowser extends CordovaPlugin {
133133
private boolean hideUrlBar = false;
134134
private boolean showFooter = false;
135135
private String footerColor = "";
136+
private String[] allowedSchemes;
136137

137138
/**
138139
* Executes the request and returns PluginResult.
@@ -170,10 +171,33 @@ public void run() {
170171
Boolean shouldAllowNavigation = null;
171172
if (url.startsWith("javascript:")) {
172173
shouldAllowNavigation = true;
173-
} else {
174-
shouldAllowNavigation = isURLWhiteListed(url);
175174
}
176-
175+
if (shouldAllowNavigation == null) {
176+
try {
177+
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
178+
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
179+
} catch (NoSuchMethodException e) {
180+
LOG.d(LOG_TAG, e.getLocalizedMessage());
181+
} catch (IllegalAccessException e) {
182+
LOG.d(LOG_TAG, e.getLocalizedMessage());
183+
} catch (InvocationTargetException e) {
184+
LOG.d(LOG_TAG, e.getLocalizedMessage());
185+
}
186+
}
187+
if (shouldAllowNavigation == null) {
188+
try {
189+
Method gpm = webView.getClass().getMethod("getPluginManager");
190+
PluginManager pm = (PluginManager)gpm.invoke(webView);
191+
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
192+
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
193+
} catch (NoSuchMethodException e) {
194+
LOG.d(LOG_TAG, e.getLocalizedMessage());
195+
} catch (IllegalAccessException e) {
196+
LOG.d(LOG_TAG, e.getLocalizedMessage());
197+
} catch (InvocationTargetException e) {
198+
LOG.d(LOG_TAG, e.getLocalizedMessage());
199+
}
200+
}
177201
// load in webview
178202
if (Boolean.TRUE.equals(shouldAllowNavigation)) {
179203
LOG.d(LOG_TAG, "loading in webview");
@@ -279,47 +303,6 @@ public void run() {
279303
return true;
280304
}
281305

282-
/**
283-
* Is the URL or Scheme WhiteListed
284-
* This code exists for compatibility between 3.x and 4.x versions of Cordova.
285-
* Previously the Config class had a static method, isUrlWhitelisted(). That
286-
* responsibility has been moved to the plugins, with an aggregating method in
287-
* PluginManager.
288-
*
289-
* @param url, the URL as a String
290-
* @return true if WhiteListed, otherwise null or false
291-
*/
292-
private Boolean isURLWhiteListed(String url) {
293-
Boolean shouldAllowNavigation = null;
294-
if (shouldAllowNavigation == null) {
295-
try {
296-
Method iuw = Config.class.getMethod("isUrlWhiteListed", String.class);
297-
shouldAllowNavigation = (Boolean)iuw.invoke(null, url);
298-
} catch (NoSuchMethodException e) {
299-
LOG.d(LOG_TAG, e.getLocalizedMessage());
300-
} catch (IllegalAccessException e) {
301-
LOG.d(LOG_TAG, e.getLocalizedMessage());
302-
} catch (InvocationTargetException e) {
303-
LOG.d(LOG_TAG, e.getLocalizedMessage());
304-
}
305-
}
306-
if (shouldAllowNavigation == null) {
307-
try {
308-
Method gpm = webView.getClass().getMethod("getPluginManager");
309-
PluginManager pm = (PluginManager)gpm.invoke(webView);
310-
Method san = pm.getClass().getMethod("shouldAllowNavigation", String.class);
311-
shouldAllowNavigation = (Boolean)san.invoke(pm, url);
312-
} catch (NoSuchMethodException e) {
313-
LOG.d(LOG_TAG, e.getLocalizedMessage());
314-
} catch (IllegalAccessException e) {
315-
LOG.d(LOG_TAG, e.getLocalizedMessage());
316-
} catch (InvocationTargetException e) {
317-
LOG.d(LOG_TAG, e.getLocalizedMessage());
318-
}
319-
}
320-
return shouldAllowNavigation;
321-
}
322-
323306
/**
324307
* Called when the view navigates.
325308
*/
@@ -1129,20 +1112,25 @@ else if (url.startsWith("sms:")) {
11291112
}
11301113
}
11311114
// Test for whitelisted custom scheme names, less than 20 chars long, like mycoolapp: or twitteroauthresponse: (Twitter Oauth Response)
1132-
else if (url.matches("^[a-z]{0,20}://.*?$")) {
1133-
if (Boolean.TRUE.equals(isURLWhiteListed(url))) {
1134-
try {
1135-
LOG.w("STEVE IN InAppBrowser.java, whiteliste url SUCCESS: ", url );
1136-
JSONObject obj = new JSONObject();
1137-
obj.put("type", "customscheme");
1138-
obj.put("url", url);
1139-
sendUpdate(obj, true);
1140-
return true;
1141-
} catch (JSONException ex) {
1142-
LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error.");
1115+
else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]{0,20}://.*?$")) {
1116+
if (allowedSchemes == null) {
1117+
String allowed = preferences.getString("AllowedSchemes", "");
1118+
allowedSchemes = allowed.split(",");
1119+
}
1120+
if (allowedSchemes != null) {
1121+
for (String scheme : allowedSchemes) {
1122+
if (url.startsWith(scheme)) {
1123+
try {
1124+
JSONObject obj = new JSONObject();
1125+
obj.put("type", "customscheme");
1126+
obj.put("url", url);
1127+
sendUpdate(obj, true);
1128+
return true;
1129+
} catch (JSONException ex) {
1130+
LOG.e(LOG_TAG, "Custom Scheme URI passed in has caused a JSON error.");
1131+
}
1132+
}
11431133
}
1144-
} else {
1145-
LOG.w("STEVE IN InAppBrowser.java, whitelisted url FAILURE: ", url );
11461134
}
11471135
}
11481136

0 commit comments

Comments
 (0)