You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by ag...@apache.org on 2015/03/11 15:22:26 UTC
cordova-plugins git commit: Moved whitelist & legacy-whitelist into
their own repos
Repository: cordova-plugins
Updated Branches:
refs/heads/master 4c595daad -> 65775dd59
Moved whitelist & legacy-whitelist into their own repos
Project: http://git-wip-us.apache.org/repos/asf/cordova-plugins/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-plugins/commit/65775dd5
Tree: http://git-wip-us.apache.org/repos/asf/cordova-plugins/tree/65775dd5
Diff: http://git-wip-us.apache.org/repos/asf/cordova-plugins/diff/65775dd5
Branch: refs/heads/master
Commit: 65775dd59f0ac70fe4c27628bd6f339d6dae6ea3
Parents: 4c595da
Author: Andrew Grieve <ag...@chromium.org>
Authored: Wed Mar 11 10:21:52 2015 -0400
Committer: Andrew Grieve <ag...@chromium.org>
Committed: Wed Mar 11 10:21:52 2015 -0400
----------------------------------------------------------------------
legacy-whitelist/README.md | 9 --
legacy-whitelist/plugin.xml | 54 -------
.../src/android/LegacyWhitelistPlugin.java | 83 ----------
.../src/ios/CDVLegacyWhitelistPlugin.h | 32 ----
.../src/ios/CDVLegacyWhitelistPlugin.m | 106 -------------
whitelist/README.md | 119 --------------
whitelist/plugin.xml | 48 ------
whitelist/src/android/WhitelistPlugin.java | 159 -------------------
.../src/ios/CDVNavigationWhitelistPlugin.h | 31 ----
.../src/ios/CDVNavigationWhitelistPlugin.m | 89 -----------
whitelist/whitelist.js | 27 ----
11 files changed, 757 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/legacy-whitelist/README.md
----------------------------------------------------------------------
diff --git a/legacy-whitelist/README.md b/legacy-whitelist/README.md
deleted file mode 100644
index c7d60fd..0000000
--- a/legacy-whitelist/README.md
+++ /dev/null
@@ -1,9 +0,0 @@
-cordova-plugin-legacy-whitelist
-===============================
-
-This plugin implements the Cordova 3.6 Whitelist policy for Cordova 4.0.
-
-Currently only supports the "unplug-whitelist" branch of cordova-android and cordova-ios
-
-Usage:
- Use <access> tags, just as in previous versions of Cordova.
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/legacy-whitelist/plugin.xml
----------------------------------------------------------------------
diff --git a/legacy-whitelist/plugin.xml b/legacy-whitelist/plugin.xml
deleted file mode 100644
index 5d246e5..0000000
--- a/legacy-whitelist/plugin.xml
+++ /dev/null
@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
-xmlns:android="http://schemas.android.com/apk/res/android"
- id="org.apache.cordova.legacy-whitelist"
- version="0.0.1-dev">
- <name>Whitelist</name>
- <description>Cordova Legacy Whitelist Plugin</description>
- <license>Apache 2.0</license>
- <keywords>cordova,whitelist</keywords>
-
- <platform name="android">
- <config-file target="res/xml/config.xml" parent="/*">
- <feature name="Whitelist" >
- <param name="android-package" value="org.apache.cordova.whitelist.LegacyWhitelistPlugin"/>
- <param name="onload" value="true" />
- </feature>
- </config-file>
-
- <source-file src="src/android/LegacyWhitelistPlugin.java" target-dir="src/org/apache/cordova/whitelist" />
- </platform>
-
- <!--
- <platform name="ios">
- <config-file target="config.xml" parent="/*">
- <feature name="Whitelist">
- <param name="ios-package" value="CDVLegacyWhitelistPlugin"/>
- <param name="onload" value="true" />
- </feature>
- </config-file>
-
- <header-file src="src/ios/CDVLegacyWhitelistPlugin.h" />
- <source-file src="src/ios/CDVLegacyWhitelistPlugin.m" />
- </platform>
- -->
-</plugin>
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/legacy-whitelist/src/android/LegacyWhitelistPlugin.java
----------------------------------------------------------------------
diff --git a/legacy-whitelist/src/android/LegacyWhitelistPlugin.java b/legacy-whitelist/src/android/LegacyWhitelistPlugin.java
deleted file mode 100644
index 1199466..0000000
--- a/legacy-whitelist/src/android/LegacyWhitelistPlugin.java
+++ /dev/null
@@ -1,83 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-*/
-
-package org.apache.cordova.whitelist;
-
-import org.apache.cordova.CordovaInterface;
-import org.apache.cordova.CordovaPlugin;
-import org.apache.cordova.CordovaWebView;
-import org.apache.cordova.ConfigXmlParser;
-import org.apache.cordova.Whitelist;
-import android.content.res.XmlResourceParser;
-
-public class LegacyWhitelistPlugin extends CordovaPlugin {
-
- private Whitelist internalWhitelist = new Whitelist();
- private Whitelist externalWhitelist = new Whitelist();
-
- private static final String TAG = "Whitelist";
-
- public void initialize(CordovaInterface cordova, CordovaWebView webView) {
- // Add implicitly allowed URLs
- internalWhitelist.addWhiteListEntry("file:///*", false);
- internalWhitelist.addWhiteListEntry("content:///*", false);
- internalWhitelist.addWhiteListEntry("data:*", false);
-
- new ConfigXmlParser(){
- public void handleStartTag(XmlResourceParser xml) {
- String strNode = xml.getName();
- if (strNode.equals("access")) {
- String origin = xml.getAttributeValue(null, "origin");
- String subdomains = xml.getAttributeValue(null, "subdomains");
- boolean external = (xml.getAttributeValue(null, "launch-external") != null);
- if (origin != null) {
- if (external) {
- externalWhitelist.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
- } else {
- if ("*".equals(origin)) {
- // Special-case * origin to mean http and https when used for internal
- // whitelist. This prevents external urls like sms: and geo: from being
- // handled internally.
- internalWhitelist.addWhiteListEntry("http://*/*", false);
- internalWhitelist.addWhiteListEntry("https://*/*", false);
- } else {
- internalWhitelist.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
- }
- }
- }
- }
- }
- public void handleEndTag(XmlResourceParser xml) {
- }
- }.parse(cordova.getActivity());
- }
-
- public Boolean shouldAllowRequest(String url) {
- return internalWhitelist.isUrlWhiteListed(url);
- }
-
- public Boolean shouldAllowNavigation(String url) {
- return internalWhitelist.isUrlWhiteListed(url);
- }
-
- public Boolean shouldOpenExternalUrl(String url) {
- return externalWhitelist.isUrlWhiteListed(url);
- }
-
-}
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.h
----------------------------------------------------------------------
diff --git a/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.h b/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.h
deleted file mode 100644
index 30ea3e3..0000000
--- a/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.h
+++ /dev/null
@@ -1,32 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
- */
-
-#import <UIKit/UIKit.h>
-#import <Cordova/CDVPlugin.h>
-#import <Cordova/CDVWhitelist.h>
-
-@interface CDVLegacyWhitelistPlugin : CDVPlugin {}
-
-@property (nonatomic, readonly, strong) CDVWhitelist* whitelist; // readonly for public
-
-- (BOOL)shouldAllowNavigationToURL:(NSURL *)url;
-- (BOOL)shouldAllowRequestForURL:(NSURL *)url;
-- (BOOL)shouldOpenExternalURL:(NSURL *)url;
-
-@end
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.m
----------------------------------------------------------------------
diff --git a/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.m b/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.m
deleted file mode 100644
index fb7bdf9..0000000
--- a/legacy-whitelist/src/ios/CDVLegacyWhitelistPlugin.m
+++ /dev/null
@@ -1,106 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
- */
-
-#import "CDVLegacyWhitelistPlugin.h"
-#import <Cordova/CDVViewController.h>
-
-#pragma mark CDVWhitelistConfigParser
-
-@interface CDVWhitelistConfigParser : NSObject <NSXMLParserDelegate> {}
-
-@property (nonatomic, strong) NSMutableArray* whitelistHosts;
-
-@end
-
-@implementation CDVWhitelistConfigParser
-
-@synthesize whitelistHosts;
-
-- (id)init
-{
- self = [super init];
- if (self != nil) {
- self.whitelistHosts = [[NSMutableArray alloc] initWithCapacity:30];
- [self.whitelistHosts addObject:@"file:///*"];
- [self.whitelistHosts addObject:@"content:///*"];
- [self.whitelistHosts addObject:@"data:///*"];
- }
- return self;
-}
-
-- (void)parser:(NSXMLParser*)parser didStartElement:(NSString*)elementName namespaceURI:(NSString*)namespaceURI qualifiedName:(NSString*)qualifiedName attributes:(NSDictionary*)attributeDict
-{
- if ([elementName isEqualToString:@"access"]) {
- [whitelistHosts addObject:attributeDict[@"origin"]];
- }
-}
-
-- (void)parser:(NSXMLParser*)parser didEndElement:(NSString*)elementName namespaceURI:(NSString*)namespaceURI qualifiedName:(NSString*)qualifiedName
-{
-}
-
-- (void)parser:(NSXMLParser*)parser parseErrorOccurred:(NSError*)parseError
-{
- NSAssert(NO, @"config.xml parse error line %ld col %ld", (long)[parser lineNumber], (long)[parser columnNumber]);
-}
-
-
-@end
-
-#pragma mark CDVLegacyWhitelistPlugin
-
-@interface CDVLegacyWhitelistPlugin () {}
-@property (nonatomic, strong) CDVWhitelist* whitelist;
-@end
-
-@implementation CDVLegacyWhitelistPlugin
-
-@synthesize whitelist;
-
-- (void)setViewController:(UIViewController *)viewController
-{
- if ([viewController isKindOfClass:[CDVViewController class]]) {
- CDVWhitelistConfigParser *whitelistConfigParser = [[CDVWhitelistConfigParser alloc] init];
- [(CDVViewController *)viewController parseSettingsWithParser:whitelistConfigParser];
- self.whitelist = [[CDVWhitelist alloc] initWithArray:whitelistConfigParser.whitelistHosts];
- }
-}
-
-- (BOOL)shouldAllowNavigationToURL:(NSURL *)url
-{
- return [self.whitelist URLIsAllowed:url];
-}
-
-- (BOOL)shouldAllowRequestForURL:(NSURL *)url
-{
- return [self.whitelist URLIsAllowed:url];
-}
-
-- (BOOL)shouldOpenExternalURL:(NSURL *)url
-{
- /*
- * all tel: scheme urls we let the UIWebview handle it using the default behavior
- */
- if ([[url scheme] isEqualToString:@"tel"]) {
- return YES;
- }
- return NO;
-}
-
-@end
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/README.md
----------------------------------------------------------------------
diff --git a/whitelist/README.md b/whitelist/README.md
deleted file mode 100644
index 09224c6..0000000
--- a/whitelist/README.md
+++ /dev/null
@@ -1,119 +0,0 @@
-# cordova-plugin-whitelist
-
-This plugin implements a whitelist policy for navigating the application webview on Cordova 4.0
-
-## Supported Cordova Platforms
-
-* Android 4.0.0 or above
-
-## Navigation Whitelist
-Controls which URLs the WebView itself can be navigated to. Applies to
-top-level navigations only.
-
-Quirks: on Android it also applies to iframes for non-http(s) schemes.
-
-By default, navigations only to `file://` URLs, are allowed. To allow other
-other URLs, you must add `<allow-navigation>` tags to your `config.xml`:
-
- <!-- Allow links to example.com -->
- <allow-navigation href="http://example.com/*" />
-
- <!-- Wildcards are allowed for the protocol, as a prefix
- to the host, or as a suffix to the path -->
- <allow-havigation href="*://*.example.com/*" />
-
- <!-- A wildcard can be used to whitelist the entire network,
- over HTTP and HTTPS.
- *NOT RECOMMENDED* -->
- <allow-navigation href="*" />
-
- <!-- The above is equivalent to these three declarations -->
- <allow-navigation href="http://*/*" />
- <allow-navigation href="https://*/*" />
- <allow-navigation href="data:*" />
-
-## Intent Whitelist
-Controls which URLs the app is allowed to ask the system to open.
-By default, no external URLs are allowed.
-
-On Android, this equates to sending an intent of type BROWSEABLE.
-
-This whitelist does not apply to plugins, only hyperlinks and calls to `window.open()`.
-
-In `config.xml`, add `<allow-intent>` tags, like this:
-
- <!-- Allow links to web pages to open in a browser -->
- <allow-intent href="http://*/*" />
- <allow-intent href="https://*/*" />
-
- <!-- Allow links to example.com to open in a browser -->
- <allow-intent href="http://example.com/*" />
-
- <!-- Wildcards are allowed for the protocol, as a prefix
- to the host, or as a suffix to the path -->
- <allow-intent href="*://*.example.com/*" />
-
- <!-- Allow SMS links to open messaging app -->
- <allow-intent href="sms:*" />
-
- <!-- Allow tel: links to open the dialer -->
- <allow-intent href="tel:*" />
-
- <!-- Allow geo: links to open maps -->
- <allow-intent href="geo:*" />
-
- <!-- Allow all unrecognized URLs to open installed apps
- *NOT RECOMMENDED* -->
- <allow-intent href="*" />
-
-## Network Request Whitelist
-Controls which network requests (images, XHRs, etc) are allowed to be made (via cordova native hooks).
-
-Note: We suggest you use a Content Security Policy (see below), which is more secure. This whitelist is mostly historical for webviews which do not support CSP.
-
-In `config.xml`, add `<access>` tags, like this:
-
- <!-- Allow images, xhrs, etc. to google.com -->
- <access origin="http://google.com" />
- <access origin="https://google.com" />
-
- <!-- Access to the subdomain maps.google.com -->
- <access origin="http://maps.google.com" />
-
- <!-- Access to all the subdomains on google.com -->
- <access origin="http://*.google.com" />
-
- <!-- Enable requests to content: URLs -->
- <access origin="content:///*" />
-
- <!-- Don't block any requests -->
- <access origin="*" />
-
-Without any `<access>` tags, only requests to `file://` URLs are allowed. However, the default Cordova application includes `<access origin="*">` by default.
-
-Quirk: Android also allows requests to https://ssl.gstatic.com/accessibility/javascript/android/ by default, since this is required for TalkBack to function properly.
-
-### Content Security Policy
-Controls which network requests (images, XHRs, etc) are allowed to be made (via webview directly).
-
-On Android and iOS, the network request whitelist (see above) is not able to filter all types of requests (e.g. `<video>` & WebSockets are not blocked). So, in addition to the whitelist, you should use a [Content Security Policy](http://content-security-policy.com/) `<meta>` tag on all of your pages.
-
-On Android, support for CSP within the system webview starts with KitKat (but is available on all versions using Crosswalk WebView).
-
-Here are some example CSP declarations for your `.html` pages:
-
- <!-- Allow requests to foo.com -->
- <meta http-equiv="Content-Security-Policy" content="default-src 'self' foo.com"/>
-
- <!-- Enable all requests, inline styles, and eval() -->
- <meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src: 'self' 'unsafe-inline' 'unsafe-eval' "/>
-
- <!-- Allow requests to https://ssl.gstatic.com/accessibility/javascript/android/ (required for TalkBack on Android) -->
- <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://ssl.gstatic.com/accessibility/javascript/android/"/>
-
- <!-- Allow XHRs via https only -->
- <meta http-equiv="Content-Security-Policy" content="default-src 'self' https:"/>
-
- <!-- Allow data: URLs within iframes -->
- <!-- Note: You would also need an <allow-navigation href="data:*" /> in your config.xml -->
- <meta http-equiv="Content-Security-Policy" content="default-src 'self'; frame-src 'self' data:"/>
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/plugin.xml
----------------------------------------------------------------------
diff --git a/whitelist/plugin.xml b/whitelist/plugin.xml
deleted file mode 100644
index 889e609..0000000
--- a/whitelist/plugin.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
--->
-
-<plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
-xmlns:android="http://schemas.android.com/apk/res/android"
- id="org.apache.cordova.whitelist"
- version="0.0.1-dev">
- <name>Whitelist</name>
- <description>Cordova Network Whitelist Plugin</description>
- <license>Apache 2.0</license>
- <keywords>cordova,whitelist,policy</keywords>
-
- <engines>
- <engine name="cordova-android" version=">=4.0.0-dev" />
- </engines>
-
- <platform name="android">
- <config-file target="res/xml/config.xml" parent="/*">
- <feature name="Whitelist" >
- <param name="android-package" value="org.apache.cordova.whitelist.WhitelistPlugin"/>
- <param name="onload" value="true" />
- </feature>
- </config-file>
-
- <source-file src="src/android/WhitelistPlugin.java" target-dir="src/org/apache/cordova/whitelist" />
-
- <js-module src="whitelist.js" name="whitelist">
- <runs />
- </js-module>
- </platform>
-</plugin>
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/src/android/WhitelistPlugin.java
----------------------------------------------------------------------
diff --git a/whitelist/src/android/WhitelistPlugin.java b/whitelist/src/android/WhitelistPlugin.java
deleted file mode 100644
index 1fdb7ed..0000000
--- a/whitelist/src/android/WhitelistPlugin.java
+++ /dev/null
@@ -1,159 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-*/
-
-package org.apache.cordova.whitelist;
-
-import org.apache.cordova.CordovaPlugin;
-import org.apache.cordova.ConfigXmlParser;
-import org.apache.cordova.Whitelist;
-import org.xmlpull.v1.XmlPullParser;
-
-import android.content.Context;
-import android.util.Log;
-
-public class WhitelistPlugin extends CordovaPlugin {
- private static final String LOG_TAG = "WhitelistPlugin";
- private Whitelist allowedNavigations;
- private Whitelist allowedIntents;
- private Whitelist allowedRequests;
-
- // Used when instantiated via reflection by PluginManager
- public WhitelistPlugin() {
- }
- // These can be used by embedders to allow Java-configuration of whitelists.
- public WhitelistPlugin(Context context) {
- this(new Whitelist(), new Whitelist(), null);
- new CustomConfigXmlParser().parse(context);
- }
- public WhitelistPlugin(XmlPullParser xmlParser) {
- this(new Whitelist(), new Whitelist(), null);
- new CustomConfigXmlParser().parse(xmlParser);
- }
- public WhitelistPlugin(Whitelist allowedNavigations, Whitelist allowedIntents, Whitelist allowedRequests) {
- if (allowedRequests == null) {
- allowedRequests = new Whitelist();
- allowedRequests.addWhiteListEntry("file:///*", false);
- allowedRequests.addWhiteListEntry("data:*", false);
- }
- this.allowedNavigations = allowedNavigations;
- this.allowedIntents = allowedIntents;
- this.allowedRequests = allowedRequests;
- }
- @Override
- public void pluginInitialize() {
- if (allowedNavigations == null) {
- allowedNavigations = new Whitelist();
- allowedIntents = new Whitelist();
- allowedRequests = new Whitelist();
- new CustomConfigXmlParser().parse(webView.getContext());
- }
- }
-
- private class CustomConfigXmlParser extends ConfigXmlParser {
- public void handleStartTag(XmlPullParser xml) {
- String strNode = xml.getName();
- if (strNode.equals("content")) {
- String startPage = xml.getAttributeValue(null, "src");
- allowedNavigations.addWhiteListEntry(startPage, false);
- } else if (strNode.equals("allow-navigation")) {
- String origin = xml.getAttributeValue(null, "href");
- if ("*".equals(origin)) {
- allowedNavigations.addWhiteListEntry("http://*/*", false);
- allowedNavigations.addWhiteListEntry("https://*/*", false);
- allowedNavigations.addWhiteListEntry("data:*", false);
- } else {
- allowedNavigations.addWhiteListEntry(origin, false);
- }
- } else if (strNode.equals("allow-intent")) {
- String origin = xml.getAttributeValue(null, "href");
- allowedIntents.addWhiteListEntry(origin, false);
- } else if (strNode.equals("access")) {
- String origin = xml.getAttributeValue(null, "origin");
- String subdomains = xml.getAttributeValue(null, "subdomains");
- boolean external = (xml.getAttributeValue(null, "launch-external") != null);
- if (origin != null) {
- if (external) {
- Log.w(LOG_TAG, "Found <access launch-external> within config.xml. Please use <allow-intent> instead.");
- allowedIntents.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
- } else {
- if ("*".equals(origin)) {
- allowedRequests.addWhiteListEntry("http://*/*", false);
- allowedRequests.addWhiteListEntry("https://*/*", false);
- } else {
- allowedRequests.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
- }
- }
- }
- }
- }
- public void handleEndTag(XmlPullParser xml) {
- }
- }
-
- @Override
- public Boolean shouldAllowNavigation(String url) {
- if (allowedNavigations.isUrlWhiteListed(url)) {
- return true;
- }
- return null; // Default policy
- }
-
- @Override
- public Boolean shouldAllowRequest(String url) {
- if (Boolean.TRUE == shouldAllowNavigation(url)) {
- return true;
- }
- if (allowedRequests.isUrlWhiteListed(url)) {
- return true;
- }
- return null; // Default policy
- }
-
- @Override
- public Boolean shouldOpenExternalUrl(String url) {
- if (allowedIntents.isUrlWhiteListed(url)) {
- return true;
- }
- return null; // Default policy
- }
-
- public Whitelist getAllowedNavigations() {
- return allowedNavigations;
- }
-
- public void setAllowedNavigations(Whitelist allowedNavigations) {
- this.allowedNavigations = allowedNavigations;
- }
-
- public Whitelist getAllowedIntents() {
- return allowedIntents;
- }
-
- public void setAllowedIntents(Whitelist allowedIntents) {
- this.allowedIntents = allowedIntents;
- }
-
- public Whitelist getAllowedRequests() {
- return allowedRequests;
- }
-
- public void setAllowedRequests(Whitelist allowedRequests) {
- this.allowedRequests = allowedRequests;
- }
-}
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/src/ios/CDVNavigationWhitelistPlugin.h
----------------------------------------------------------------------
diff --git a/whitelist/src/ios/CDVNavigationWhitelistPlugin.h b/whitelist/src/ios/CDVNavigationWhitelistPlugin.h
deleted file mode 100644
index d0b9365..0000000
--- a/whitelist/src/ios/CDVNavigationWhitelistPlugin.h
+++ /dev/null
@@ -1,31 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
- */
-
-#import <UIKit/UIKit.h>
-#import <Cordova/CDVPlugin.h>
-#import <Cordova/CDVWhitelist.h>
-
-@interface CDVNavigationWhitelistPlugin : CDVPlugin {}
-
-@property (nonatomic, readonly, strong) CDVWhitelist* whitelist; // readonly for public
-
-- (BOOL)shouldAllowNavigationToURL:(NSURL *)url;
-- (BOOL)shouldAllowRequestForURL:(NSURL *)url;
-
-@end
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/src/ios/CDVNavigationWhitelistPlugin.m
----------------------------------------------------------------------
diff --git a/whitelist/src/ios/CDVNavigationWhitelistPlugin.m b/whitelist/src/ios/CDVNavigationWhitelistPlugin.m
deleted file mode 100644
index 5895e89..0000000
--- a/whitelist/src/ios/CDVNavigationWhitelistPlugin.m
+++ /dev/null
@@ -1,89 +0,0 @@
-/*
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
- */
-
-#import "CDVNavigationWhitelistPlugin.h"
-#import <Cordova/CDVViewController.h>
-
-#pragma mark CDVNavigationWhitelistConfigParser
-
-@interface CDVNavigationWhitelistConfigParser : NSObject <NSXMLParserDelegate> {}
-
-@property (nonatomic, strong) NSMutableArray* whitelistHosts;
-
-@end
-
-@implementation CDVNavigationWhitelistConfigParser
-
-@synthesize whitelistHosts;
-
-- (id)init
-{
- self = [super init];
- if (self != nil) {
- self.whitelistHosts = [[NSMutableArray alloc] initWithCapacity:30];
- [self.whitelistHosts addObject:@"file:///*"];
- [self.whitelistHosts addObject:@"content:///*"];
- [self.whitelistHosts addObject:@"data:///*"];
- }
- return self;
-}
-
-- (void)parser:(NSXMLParser*)parser didStartElement:(NSString*)elementName namespaceURI:(NSString*)namespaceURI qualifiedName:(NSString*)qualifiedName attributes:(NSDictionary*)attributeDict
-{
- if ([elementName isEqualToString:@"allow-navigation"]) {
- [whitelistHosts addObject:attributeDict[@"href"]];
- }
-}
-
-- (void)parser:(NSXMLParser*)parser didEndElement:(NSString*)elementName namespaceURI:(NSString*)namespaceURI qualifiedName:(NSString*)qualifiedName
-{
-}
-
-- (void)parser:(NSXMLParser*)parser parseErrorOccurred:(NSError*)parseError
-{
- NSAssert(NO, @"config.xml parse error line %ld col %ld", (long)[parser lineNumber], (long)[parser columnNumber]);
-}
-
-
-@end
-
-#pragma mark CDVNavigationWhitelistPlugin
-
-@interface CDVNavigationWhitelistPlugin () {}
-@property (nonatomic, strong) CDVWhitelist* whitelist;
-@end
-
-@implementation CDVNavigationWhitelistPlugin
-
-@synthesize whitelist;
-
-- (void)setViewController:(UIViewController *)viewController
-{
- if ([viewController isKindOfClass:[CDVViewController class]]) {
- CDVWhitelistConfigParser *whitelistConfigParser = [[CDVWhitelistConfigParser alloc] init];
- [(CDVViewController *)viewController parseSettingsWithParser:whitelistConfigParser];
- self.whitelist = [[CDVWhitelist alloc] initWithArray:whitelistConfigParser.whitelistHosts];
- }
-}
-
-- (BOOL)shouldAllowNavigationToURL:(NSURL *)url
-{
- return [self.whitelist URLIsAllowed:url];
-}
-@end
http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/65775dd5/whitelist/whitelist.js
----------------------------------------------------------------------
diff --git a/whitelist/whitelist.js b/whitelist/whitelist.js
deleted file mode 100644
index 74d7a99..0000000
--- a/whitelist/whitelist.js
+++ /dev/null
@@ -1,27 +0,0 @@
-/*
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- *
-*/
-
-if (!document.querySelector('meta[http-equiv=Content-Security-Policy]')) {
- var msg = 'No Content-Security-Policy meta tag found. Please add one when using the cordova-plugin-whitelist plugin.';
- console.error(msg);
- setInterval(function() {
- console.warn(msg);
- }, 10000);
-}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org