You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Karen Tran (JIRA)" <ji...@apache.org> on 2016/03/17 19:51:33 UTC
[jira] [Created] (CB-10897) Cannot access specific non http or
https URLs that are Whitelisted
Karen Tran created CB-10897:
-------------------------------
Summary: Cannot access specific non http or https URLs that are Whitelisted
Key: CB-10897
URL: https://issues.apache.org/jira/browse/CB-10897
Project: Apache Cordova
Issue Type: Bug
Components: Android, Plugin Whitelist
Affects Versions: Master
Environment: cordova-android 5.1.1
Reporter: Karen Tran
Fix For: Master
In config.xml when I whitelist specific non http or https URLs such as
{code}<allow-intent href="mailto:ktop500@gmail.com" />{code}
and in index.html I add a link with that specific URL,
{code}<a href="mailto:ktop500@gmail.com">mailto link</a>{code}
I cannot access the link when I run the application. If I change the allow-intent to use a wildcard, *, I can get it to work.
{code}<allow-intent href="mailto:*" />{code}
The expected behavior is that I should be able to specify an exact URL in the whitelist, but I am not able to. I investigated the Whitelist plugin and Whitelist.java in cordova-android and I found the issue.
First I looked at the whitelist itself. URLs from config.xml are added to the whitelist correctly. No problems here.
Next I looked at how the URL from index.html is being compared to the whitelist. I traced through with the Android Studio debugger and found this:
At [Line 85|https://github.com/apache/cordova-android/blob/master/framework/src/org/apache/cordova/Whitelist.java#L85] of Whitelist.java in cordova-android, there is actually a NullPointerException happening, but it didn't get printed out with the Log :( (this needs to be fixed). I made some modifications to Whitelist.java so that the stack trace gets printed out, along with with values of 'host'.
{noformat}
03-17 13:46:47.399 14000-14000/? I/System.out: uri scheme: mailto
03-17 13:46:47.399 14000-14000/? I/System.out: whitelist scheme: mailto
03-17 13:46:47.399 14000-14000/? I/System.out: uri host: null
03-17 13:46:47.399 14000-14000/? I/System.out: whitelist host: ktop500@gmail\.com
03-17 13:46:47.400 14000-14000/? W/System.err: java.lang.NullPointerException: Attempt to invoke interface method 'int java.lang.CharSequence.length()' on a null object reference
03-17 13:46:47.400 14000-14000/? W/System.err: at java.util.regex.Matcher.reset(Matcher.java:177)
03-17 13:46:47.400 14000-14000/? W/System.err: at java.util.regex.Matcher.<init>(Matcher.java:90)
03-17 13:46:47.400 14000-14000/? W/System.err: at java.util.regex.Pattern.matcher(Pattern.java:297)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.Whitelist$URLPattern.matches(Whitelist.java:88)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.Whitelist.isUrlWhiteListed(Whitelist.java:168)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.whitelist.WhitelistPlugin.shouldOpenExternalUrl(WhitelistPlugin.java:132)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.PluginManager.shouldOpenExternalUrl(PluginManager.java:432)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.CordovaWebViewImpl$EngineClient.onNavigationAttempt(CordovaWebViewImpl.java:605)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.apache.cordova.engine.SystemWebViewClient.shouldOverrideUrlLoading(SystemWebViewClient.java:79)
03-17 13:46:47.400 14000-14000/? W/System.err: at com.android.webview.chromium.WebViewContentsClientAdapter.shouldOverrideUrlLoading(WebViewContentsClientAdapter.java:336)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.chromium.android_webview.AwContentsClient.shouldIgnoreNavigation(AwContentsClient.java:168)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.chromium.android_webview.AwContentsClientBridge.shouldOverrideUrlLoading(AwContentsClientBridge.java:265)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.chromium.base.SystemMessageHandler.nativeDoRunLoopOnce(Native Method)
03-17 13:46:47.400 14000-14000/? W/System.err: at org.chromium.base.SystemMessageHandler.handleMessage(SystemMessageHandler.java:39)
03-17 13:46:47.401 14000-14000/? W/System.err: at android.os.Handler.dispatchMessage(Handler.java:102)
03-17 13:46:47.401 14000-14000/? W/System.err: at android.os.Looper.loop(Looper.java:135)
03-17 13:46:47.401 14000-14000/? W/System.err: at android.app.ActivityThread.main(ActivityThread.java:5254)
03-17 13:46:47.401 14000-14000/? W/System.err: at java.lang.reflect.Method.invoke(Native Method)
03-17 13:46:47.401 14000-14000/? W/System.err: at java.lang.reflect.Method.invoke(Method.java:372)
03-17 13:46:47.401 14000-14000/? W/System.err: at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
03-17 13:46:47.401 14000-14000/? W/System.err: at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698){noformat}
Whitelist host is correct, so that got parsed correctly, but the Uri host is not correct, it is null. We try to call host.matcher(null).matches with a null object and therefore got the NPE.
Working backwards from here, the issue stems from Android's Uri class parsing the URL. At [Line 158|https://github.com/apache/cordova-android/blob/master/framework/src/org/apache/cordova/Whitelist.java#L158] of Whitelist.java, we call:
{code}Uri parsedUri = Uri.parse(uri);{code}
Using the debugger, once the uri gets parsed, you'll see that the value of 'host' is 'NOT_CACHED'. This is the part where I got lost in Android Uri class because it's hard to debug there.
The conclusion that I came to is that Android's Uri class doesn't parse 'host' correctly, but does parse 'scheme' correctly. I also tested market: URL and that has the same behavior.
I can try to work on a solution to this so that we don't have to use the Uri class, but we should probably open a bug against Google.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org