You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by ia...@apache.org on 2014/10/14 23:23:58 UTC
[11/11] android commit: Allow Cordova to implement a default network
policy
Allow Cordova to implement a default network policy
Project: http://git-wip-us.apache.org/repos/asf/cordova-android/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-android/commit/7672bd10
Tree: http://git-wip-us.apache.org/repos/asf/cordova-android/tree/7672bd10
Diff: http://git-wip-us.apache.org/repos/asf/cordova-android/diff/7672bd10
Branch: refs/heads/unplug-whitelist
Commit: 7672bd10c0389dbfc1a9c5815e3f6454c14f25ff
Parents: f36b5a1
Author: Ian Clelland <ic...@chromium.org>
Authored: Tue Oct 14 17:22:49 2014 -0400
Committer: Ian Clelland <ic...@chromium.org>
Committed: Tue Oct 14 17:22:49 2014 -0400
----------------------------------------------------------------------
.../src/org/apache/cordova/CordovaPlugin.java | 10 ++--
.../org/apache/cordova/CordovaUriHelper.java | 55 ++++++++++++++++----
.../src/org/apache/cordova/PluginManager.java | 52 +++++++++++++-----
3 files changed, 89 insertions(+), 28 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cordova-android/blob/7672bd10/framework/src/org/apache/cordova/CordovaPlugin.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/CordovaPlugin.java b/framework/src/org/apache/cordova/CordovaPlugin.java
index fb4ae99..1485dad 100644
--- a/framework/src/org/apache/cordova/CordovaPlugin.java
+++ b/framework/src/org/apache/cordova/CordovaPlugin.java
@@ -178,7 +178,7 @@ public class CordovaPlugin {
* open a connection to an external resource. Return false to block the request. Only if
* all plugins return true, then the request will proceed.
*/
- public boolean shouldAllowRequest(String url) {
+ public Boolean shouldAllowRequest(String url) {
return true;
}
@@ -189,8 +189,8 @@ public class CordovaPlugin {
* Return false to block the navigation. Only if all plugins return true, then the navigation
* will proceed.
*/
- public boolean shouldAllowNavigation(String url) {
- return true;
+ public Boolean shouldAllowNavigation(String url) {
+ return null;
}
/**
@@ -200,8 +200,8 @@ public class CordovaPlugin {
* to handle the URL. Return false to block the navigation. Only if all plugins return true,
* then the URL be opened.
*/
- public boolean shouldOpenExternalUrl(String url) {
- return true;
+ public Boolean shouldOpenExternalUrl(String url) {
+ return null;
}
/**
http://git-wip-us.apache.org/repos/asf/cordova-android/blob/7672bd10/framework/src/org/apache/cordova/CordovaUriHelper.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/CordovaUriHelper.java b/framework/src/org/apache/cordova/CordovaUriHelper.java
index b2be1b8..89e07a2 100644
--- a/framework/src/org/apache/cordova/CordovaUriHelper.java
+++ b/framework/src/org/apache/cordova/CordovaUriHelper.java
@@ -38,11 +38,54 @@ public class CordovaUriHelper {
appView = webView;
cordova = cdv;
}
-
+
+ /**
+ * Determine whether the webview should be allowed to navigate to a given URL.
+ *
+ * This method implements the default whitelist policy when no plugins override
+ * shouldAllowNavigation
+ */
+ public boolean shouldAllowNavigation(String url) {
+ Boolean pluginManagerAllowsNavigation = this.appView.getPluginManager().shouldAllowNavigation(url);
+ if (pluginManagerAllowsNavigation == null) {
+ // Default policy:
+ // Internal urls on file:// or data:// that do not contain "app_webview" are allowed for navigation
+ if(url.startsWith("file://") || url.startsWith("data:"))
+ {
+ //This directory on WebKit/Blink based webviews contains SQLite databases!
+ //DON'T CHANGE THIS UNLESS YOU KNOW WHAT YOU'RE DOING!
+ return !url.contains("app_webview");
+ }
+ return false;
+ }
+ return pluginManagerAllowsNavigation;
+ }
+
+ /**
+ * Determine whether the webview should be allowed to launch an intent for a given URL.
+ *
+ * This method implements the default whitelist policy when no plugins override
+ * shouldOpenExternalUrl
+ */
+ public boolean shouldOpenExternalUrl(String url) {
+ Boolean pluginManagerAllowsExternalUrl = this.appView.getPluginManager().shouldOpenExternalUrl(url);
+ if (pluginManagerAllowsExternalUrl == null) {
+ // Default policy:
+ // External URLs are not allowed
+ return false;
+ }
+ return pluginManagerAllowsExternalUrl;
+ }
+
/**
* Give the host application a chance to take over the control when a new url
* is about to be loaded in the current WebView.
*
+ * This method implements the default whitelist policy when no plugins override
+ * the whitelist methods:
+ * Internal urls on file:// or data:// that do not contain "app_webview" are allowed for navigation
+ * External urls are not allowed.
+ *
* @param view The WebView that is initiating the callback.
* @param url The url to be loaded.
* @return true to override, false for default behavior
@@ -50,11 +93,11 @@ public class CordovaUriHelper {
@TargetApi(Build.VERSION_CODES.ICE_CREAM_SANDWICH_MR1)
public boolean shouldOverrideUrlLoading(String url) {
// Give plugins the chance to handle the url
- if (this.appView.getPluginManager().shouldAllowNavigation(url)) {
+ if (shouldAllowNavigation(url)) {
// Allow internal navigation
return false;
}
- if (this.appView.getPluginManager().shouldOpenExternalUrl(url)) {
+ if (shouldOpenExternalUrl(url)) {
// Do nothing other than what the plugins wanted.
// If any returned false, then the request was either blocked
// completely, or handled out-of-band by the plugin. If they all
@@ -74,12 +117,6 @@ public class CordovaUriHelper {
}
return true;
}
- if(url.startsWith("file://") || url.startsWith("data:"))
- {
- //This directory on WebKit/Blink based webviews contains SQLite databases!
- //DON'T CHANGE THIS UNLESS YOU KNOW WHAT YOU'RE DOING!
- return url.contains("app_webview");
- }
// Block by default
return true;
}
http://git-wip-us.apache.org/repos/asf/cordova-android/blob/7672bd10/framework/src/org/apache/cordova/PluginManager.java
----------------------------------------------------------------------
diff --git a/framework/src/org/apache/cordova/PluginManager.java b/framework/src/org/apache/cordova/PluginManager.java
index 4c3c5b6..ab75280 100755
--- a/framework/src/org/apache/cordova/PluginManager.java
+++ b/framework/src/org/apache/cordova/PluginManager.java
@@ -276,19 +276,31 @@ public class PluginManager {
* Called when the webview is going to change the URL of the loaded content.
*
* This delegates to the installed plugins, which must all return true for
- * this method to return true.
+ * this method to return true. A true result will allow the new page to load;
+ * a false result will prevent the page from loading.
*
- * @param url The URL that is being requested.
- * @return Return true to allow the URL to load, return false to prevent the URL from loading.
+ * @param url The URL that is being requested.
+ * @return Returns null if all plugins return null (the default).
+ * This indicates that the default policy should be followed.
+ * Otherwise, returns true if all plugins have returned true,
+ * or false if any returned false.
*/
- public boolean shouldAllowNavigation(String url) {
+ public Boolean shouldAllowNavigation(String url) {
+ Boolean anyResponded = null;
for (PluginEntry entry : this.entryMap.values()) {
CordovaPlugin plugin = pluginMap.get(entry.service);
- if (plugin != null && !plugin.shouldAllowNavigation(url)) {
- return false;
+ if (plugin != null) {
+ Boolean result = plugin.shouldAllowNavigation(url);
+ if (result != null) {
+ anyResponded = true;
+ if (!result) {
+ return false;
+ }
+ }
}
}
- return true;
+ // This will be true if all plugins allow the request, or null if no plugins override the method
+ return anyResponded;
}
/**
@@ -296,19 +308,31 @@ public class PluginManager {
* an Intent for an URL.
*
* This delegates to the installed plugins, which must all return true for
- * this method to return true.
+ * this method to return true. A true result will allow the URL to launch;
+ * a false result will prevent the URL from loading.
*
- * @param url The URL that is being requested.
- * @return Return true to allow the URL to load, return false to prevent the URL from loading.
+ * @param url The URL that is being requested.
+ * @return Returns null if all plugins return null (the default).
+ * This indicates that the default policy should be followed.
+ * Otherwise, returns true if all plugins have returned true,
+ * or false if any returned false.
*/
- public boolean shouldOpenExternalUrl(String url) {
+ public Boolean shouldOpenExternalUrl(String url) {
+ Boolean anyResponded = null;
for (PluginEntry entry : this.entryMap.values()) {
CordovaPlugin plugin = pluginMap.get(entry.service);
- if (plugin != null && !plugin.shouldOpenExternalUrl(url)) {
- return false;
+ if (plugin != null) {
+ Boolean result = plugin.shouldOpenExternalUrl(url);
+ if (result != null) {
+ anyResponded = true;
+ if (!result) {
+ return false;
+ }
+ }
}
}
- return true;
+ // This will be true if all plugins allow the request, or null if no plugins override the method
+ return anyResponded;
}
/**
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org