Posted to commits@cordova.apache.org by ag...@apache.org on 2015/03/03 02:42:42 UTC

android commit: Split out `shouldAllowBridgeAccess` from `shouldAllowNavigation`

Repository: cordova-android
Updated Branches:
  refs/heads/master 1ad280db9 -> afdac9b41


Split out `shouldAllowBridgeAccess` from `shouldAllowNavigation`

This makes it possible to create a plugin that allows iframes to be
navigated to but disallows them from accessing the bridge.

Note: This isn't a configuration that we're planning on supporting with
the default whitelist plugin, but still does make sense to enable for
the experts in the room


Project: http://git-wip-us.apache.org/repos/asf/cordova-android/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-android/commit/afdac9b4
Tree: http://git-wip-us.apache.org/repos/asf/cordova-android/tree/afdac9b4
Diff: http://git-wip-us.apache.org/repos/asf/cordova-android/diff/afdac9b4

Branch: refs/heads/master
Commit: afdac9b413dc06ef63af9fb535f92bd5e1d257e9
Parents: 1ad280d
Author: Andrew Grieve <ag...@chromium.org>
Authored: Mon Mar 2 20:40:08 2015 -0500
Committer: Andrew Grieve <ag...@chromium.org>
Committed: Mon Mar 2 20:40:08 2015 -0500

----------------------------------------------------------------------
 .../src/org/apache/cordova/CordovaBridge.java    |  2 +-
 .../src/org/apache/cordova/CordovaPlugin.java    | 12 +++++++++++-
 .../src/org/apache/cordova/PluginManager.java    | 19 +++++++++++++++++++
 3 files changed, 31 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-android/blob/afdac9b4/framework/src/org/apache/cordova/CordovaBridge.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/CordovaBridge.java b/framework/src/org/apache/cordova/CordovaBridge.java
index b9c6098..7bc4a55 100644
--- a/framework/src/org/apache/cordova/CordovaBridge.java
+++ b/framework/src/org/apache/cordova/CordovaBridge.java
@@ -167,7 +167,7 @@ public class CordovaBridge {
         else if (defaultValue != null && defaultValue.startsWith("gap_init:")) {
             // Protect against random iframes being able to talk through the bridge.
             // Trust only pages which the app would have been allowed to navigate to anyway.
-            if (pluginManager.shouldAllowNavigation(origin)) {
+            if (pluginManager.shouldAllowBridgeAccess(origin)) {
                 // Enable the bridge
                 int bridgeMode = Integer.parseInt(defaultValue.substring(9));
                 jsMessageQueue.setBridgeMode(bridgeMode);
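Review bot: The context comment just above the changed condition, "Trust only pages which the app would have been allowed to navigate to anyway", no longer matches the check now that it calls `shouldAllowBridgeAccess(origin)`, which a plugin may answer differently from navigation. I would reword it to `// Trust only origins that a plugin (or the default policy) grants bridge access to.` so a later reader does not assume the two policies are still tied together. The enclosing method starts and ends outside this hunk, so the handling of a denied origin is not visible here.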

http://git-wip-us.apache.org/repos/asf/cordova-android/blob/afdac9b4/framework/src/org/apache/cordova/CordovaPlugin.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/CordovaPlugin.java b/framework/src/org/apache/cordova/CordovaPlugin.java
index 71bf5cd..c223f5c 100644
--- a/framework/src/org/apache/cordova/CordovaPlugin.java
+++ b/framework/src/org/apache/cordova/CordovaPlugin.java
@@ -192,7 +192,8 @@ public class CordovaPlugin {
     }
 
     /**
-     * Hook for blocking navigation by the Cordova WebView.
+     * Hook for blocking navigation by the Cordova WebView. This applies both to top-level and
+     * iframe navigations.
      *
      * This will be called when the WebView's needs to know whether to navigate
      * to a new page. Return false to block the navigation: if any plugin
@@ -205,6 +206,15 @@ public class CordovaPlugin {
     }
 
     /**
+     * Hook for allowing page to call exec(). By default, this returns the result of
+     * shouldAllowNavigation(). It's generally unsafe to allow untrusted content to be loaded
+     * into a CordovaWebView, even within an iframe, so it's best not to touch this.
+     */
+    public Boolean shouldAllowBridgeAccess(String url) {
+        return shouldAllowNavigation(url);
+    }
+
+    /**
      * Hook for blocking the launching of Intents by the Cordova application.
      *
      * This will be called when the WebView will not navigate to a page, but
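Review bot: The Javadoc on the new `shouldAllowBridgeAccess` does not document its three-valued return: the method returns a boxed `Boolean`, and the loop added in PluginManager.java treats `null` as "no opinion" and uses the first non-null answer. I would add `@param url` and a line such as `@return true to allow, false to deny, or null to defer to other plugins and the default policy`. It is also worth stating outright that a plugin which widens `shouldAllowNavigation()` widens bridge access as well unless it overrides this hook, because that coupling is the security-relevant default introduced here.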

http://git-wip-us.apache.org/repos/asf/cordova-android/blob/afdac9b4/framework/src/org/apache/cordova/PluginManager.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/PluginManager.java b/framework/src/org/apache/cordova/PluginManager.java
index 4d7c823..f850342 100755
--- a/framework/src/org/apache/cordova/PluginManager.java
+++ b/framework/src/org/apache/cordova/PluginManager.java
@@ -365,6 +365,25 @@ public class PluginManager {
         return url.startsWith("file://");
     }
 
+
+    /**
+     * Called when the webview is requesting the exec() bridge be enabled.
+     */
+    public boolean shouldAllowBridgeAccess(String url) {
+        for (PluginEntry entry : this.entryMap.values()) {
+            CordovaPlugin plugin = pluginMap.get(entry.service);
+            if (plugin != null) {
+                Boolean result = plugin.shouldAllowBridgeAccess(url);
+                if (result != null) {
+                    return result;
+                }
+            }
+        }
+
+        // Default policy:
+        return url.startsWith("file://");
+    }
+
     /**
      * Called when the webview is going not going to navigate, but may launch
      * an Intent for an URL.
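Review bot: In the new `shouldAllowBridgeAccess` loop the first plugin that returns a non-null value decides, so one plugin answering `true` grants bridge access even when a later plugin would answer `false`, and the outcome depends on the iteration order of `entryMap.values()`. For an access-control decision I would let an explicit deny from any plugin win, as sketched below; if first-answer-wins is intended for parity with the navigation check, the Javadoc should say so. Only plugins already present in `pluginMap` are consulted, so a plugin that has not been instantiated yet gets no vote, and `url.startsWith` in the default policy will throw if `url` can ever be null; neither is ruled out by the lines visible here.

```java
    public boolean shouldAllowBridgeAccess(String url) {
        boolean granted = false;
        for (PluginEntry entry : this.entryMap.values()) {
            CordovaPlugin plugin = pluginMap.get(entry.service);
            if (plugin == null) {
                continue;
            }
            Boolean result = plugin.shouldAllowBridgeAccess(url);
            if (result != null) {
                if (!result) {
                    // An explicit deny from any plugin is final.
                    return false;
                }
                granted = true;
            }
        }
        if (granted) {
            return true;
        }
        // … unchanged: default policy (file:// only) …
    }
```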

