You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cordova.apache.org by pu...@apache.org on 2019/03/02 04:54:53 UTC

[cordova-plugin-inappbrowser] branch master updated: Prevent malformed callbackId from reaching app cordova view

This is an automated email from the ASF dual-hosted git repository.

purplecabbage pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cordova-plugin-inappbrowser.git


The following commit(s) were added to refs/heads/master by this push:
     new 6861084  Prevent malformed callbackId from reaching app cordova view
     new c95dbcb  Merge pull request #436 from purplecabbage/ValidateCallbackId
6861084 is described below

commit 686108484e6a7c1a316d7c6bc869c209c46d27e3
Author: Jesse MacFadyen <pu...@gmail.com>
AuthorDate: Thu Feb 28 14:52:01 2019 -0800

    Prevent malformed callbackId from reaching app cordova view
---
 src/android/InAppChromeClient.java | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/android/InAppChromeClient.java b/src/android/InAppChromeClient.java
index a2145e6..fe5dd34 100644
--- a/src/android/InAppChromeClient.java
+++ b/src/android/InAppChromeClient.java
@@ -104,7 +104,7 @@ public class InAppChromeClient extends WebChromeClient {
             if(defaultValue.startsWith("gap-iab://")) {
                 PluginResult scriptResult;
                 String scriptCallbackId = defaultValue.substring(10);
-                if (scriptCallbackId.startsWith("InAppBrowser")) {
+                if (scriptCallbackId.matches("^InAppBrowser[0-9]{1,10}$")) {
                     if(message == null || message.length() == 0) {
                         scriptResult = new PluginResult(PluginResult.Status.OK, new JSONArray());
                     } else {
@@ -118,9 +118,14 @@ public class InAppChromeClient extends WebChromeClient {
                     result.confirm("");
                     return true;
                 }
+                else {
+                    // Anything else that doesn't look like InAppBrowser0123456789 should end up here
+                    LOG.w(LOG_TAG, "InAppBrowser callback called with invalid callbackId : "+ scriptCallbackId);
+                    result.cancel();
+                    return true;
+                }
             }
-            else
-            {
+            else {
                 // Anything else with a gap: prefix should get this message
                 LOG.w(LOG_TAG, "InAppBrowser does not support Cordova API calls: " + url + " " + defaultValue); 
                 result.cancel();


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org