Android JSInjection proxy vs WebViewClient.onPageStarted

[andreievg]

Hi, was wondering about the reason to proxy request and inject JS vs other methods (that don't involve re-implementing fetch functionality):

What happens now:

capacitor/android/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.java

Line 334 in f4e7f19

private WebResourceResponse handleProxyRequest(WebResourceRequest request, PathHandler handler) {

capacitor/android/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.java

Line 348 in f4e7f19

HttpURLConnection conn = (HttpURLConnection) new URL(url).openConnection();

capacitor/android/capacitor/src/main/java/com/getcapacitor/WebViewLocalServer.java

Lines 371 to 372 in f4e7f19

	InputStream responseStream = conn.getInputStream();
	responseStream = jsInjector.getInjectedStream(responseStream);

What could happen:

1. Can use WebView evaluateJavascript on WebViewClient.onPageStarted
2. Maybe use @JavascriptInterface to get prerequisite preferences from native ¯_(ツ)_/¯

The problem I am having:

Have a server/client application, the bundled is accessed from arbitrary servers that use self signed certs (there is a confirmation step to validate that we are connecting to secure server). We are adding an override to control which self signed certs can be trusted (onReceivedSslError), but since the request is proxied this check is not taken into account in handleProxyRequest and capacitor JS is not injected. (btw this server client interaction happens on local network, thus the need for self signed certs)

Current solution:

    @Override
    public void onPageStarted(WebView webView,
                              String url,
                              Bitmap favicon) {

        // There is no way to get the full list of plugins
        List<PluginHandle> pluginList = Arrays.asList(bridge.getPlugin("MyPling"));

        try {
            // From Bridge.getJSInjector()
            String globalJS = JSExport.getGlobalJS(bridge.getContext(), bridge.getConfig().isLoggingEnabled(), bridge.isDevMode());
            String bridgeJS = JSExport.getBridgeJS(bridge.getContext());
            String pluginJS = JSExport.getPluginJS(pluginList);
            String cordovaJS = JSExport.getCordovaJS(bridge.getContext());
            String cordovaPluginsJS = JSExport.getCordovaPluginJS(bridge.getContext());
            String cordovaPluginsFileJS = JSExport.getCordovaPluginsFileJS(bridge.getContext());
            // This would mean getServerUrl wouldn't work correctly (we are not using it)
            String localUrlJS = "window.WEBVIEW_SERVER_URL = '';";

            String fullScript =
                    globalJS +
                            "\n\n" +
                            localUrlJS +
                            "\n\n" +
                            bridgeJS +
                            "\n\n" +
                            pluginJS +
                            "\n\n" +
                            cordovaJS +
                            "\n\n" +
                            cordovaPluginsFileJS +
                            "\n\n" +
                            cordovaPluginsJS;

            // From JSInjector.getScriptString()
            webView.post(() -> webView.evaluateJavascript(fullScript, null));
        } catch (Exception ex) {
            Logger.error("Unable to export Capacitor JS. App will not function!", ex);
        }

Above does work but is hacky, fragile and requires manually adding plugins (since there is no way to access all plugins in bridge afaik).