@@ -15,6 +15,7 @@ public void onCreate(Bundle savedInstanceState) {
15
15
testUniversalFileAccessEnabledWebView ();
16
16
testFileAccessEnabledWebView ();
17
17
testSafeWebView ();
18
+ testCrossOriginEnabledJsDisabledWebView ();
18
19
}
19
20
20
21
private void testJavaScriptEnabledWebView () {
@@ -39,6 +40,7 @@ public boolean shouldOverrideUrlLoading(WebView view, String url) {
39
40
private void testUniversalFileAccessEnabledWebView () {
40
41
WebView wv = (WebView ) findViewById (R .id .my_webview );
41
42
WebSettings webSettings = wv .getSettings ();
43
+ webSettings .setJavaScriptEnabled (true );
42
44
webSettings .setAllowUniversalAccessFromFileURLs (true );
43
45
44
46
wv .setWebViewClient (new WebViewClient () {
@@ -58,6 +60,7 @@ public boolean shouldOverrideUrlLoading(WebView view, String url) {
58
60
private void testFileAccessEnabledWebView () {
59
61
WebView wv = (WebView ) findViewById (R .id .my_webview );
60
62
WebSettings webSettings = wv .getSettings ();
63
+ webSettings .setJavaScriptEnabled (true );
61
64
webSettings .setAllowFileAccessFromFileURLs (true );
62
65
63
66
wv .setWebViewClient (new WebViewClient () {
@@ -90,4 +93,25 @@ public boolean shouldOverrideUrlLoading(WebView view, String url) {
90
93
wv .loadUrl ("https://www.mycorp.com/" + thisUrl ); // Safe
91
94
wv .loadUrl ("https://www.mycorp.com" ); // Safe
92
95
}
93
- }
96
+
97
+ private void testCrossOriginEnabledJsDisabledWebView () {
98
+ WebView wv = (WebView ) findViewById (-1 );
99
+ WebSettings webSettings = wv .getSettings ();
100
+ webSettings .setAllowUniversalAccessFromFileURLs (true );
101
+ webSettings .setAllowFileAccessFromFileURLs (true );
102
+
103
+ wv .setWebViewClient (new WebViewClient () {
104
+ @ Override
105
+ public boolean shouldOverrideUrlLoading (WebView view , String url ) {
106
+ view .loadUrl (url );
107
+ return true ;
108
+ }
109
+
110
+ });
111
+
112
+ String thisUrl = getIntent ().getExtras ().getString ("url" );
113
+ wv .loadUrl (thisUrl ); // Safe
114
+ wv .loadUrl ("https://www.mycorp.com/" + thisUrl ); // Safe
115
+ wv .loadUrl ("https://www.mycorp.com" ); // Safe
116
+ }
117
+ }
0 commit comments