Mon 21 Jul 22:43:21 CEST 2025
This commit is contained in:
		
							parent
							
								
									c64f655dfd
								
							
						
					
					
						commit
						35e1f91680
					
				|  | @ -0,0 +1,161 @@ | |||
| /* | ||||
|        Licensed to the Apache Software Foundation (ASF) under one | ||||
|        or more contributor license agreements.  See the NOTICE file | ||||
|        distributed with this work for additional information | ||||
|        regarding copyright ownership.  The ASF licenses this file | ||||
|        to you under the Apache License, Version 2.0 (the | ||||
|        "License"); you may not use this file except in compliance | ||||
|        with the License.  You may obtain a copy of the License at | ||||
| 
 | ||||
|          http://www.apache.org/licenses/LICENSE-2.0 | ||||
| 
 | ||||
|        Unless required by applicable law or agreed to in writing, | ||||
|        software distributed under the License is distributed on an | ||||
|        "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | ||||
|        KIND, either express or implied.  See the License for the | ||||
|        specific language governing permissions and limitations | ||||
|        under the License. | ||||
| */ | ||||
| 
 | ||||
| package org.apache.cordova.whitelist; | ||||
| 
 | ||||
| import org.apache.cordova.CordovaPlugin; | ||||
| import org.apache.cordova.ConfigXmlParser; | ||||
| import org.apache.cordova.LOG; | ||||
| import org.apache.cordova.Whitelist; | ||||
| import org.xmlpull.v1.XmlPullParser; | ||||
| 
 | ||||
| import android.content.Context; | ||||
| 
 | ||||
| public class WhitelistPlugin extends CordovaPlugin { | ||||
|     private static final String LOG_TAG = "WhitelistPlugin"; | ||||
|     private Whitelist allowedNavigations; | ||||
|     private Whitelist allowedIntents; | ||||
|     private Whitelist allowedRequests; | ||||
| 
 | ||||
|     // Used when instantiated via reflection by PluginManager | ||||
|     public WhitelistPlugin() { | ||||
|     } | ||||
|     // These can be used by embedders to allow Java-configuration of whitelists. | ||||
|     public WhitelistPlugin(Context context) { | ||||
|         this(new Whitelist(), new Whitelist(), null); | ||||
|         new CustomConfigXmlParser().parse(context); | ||||
|     } | ||||
|     public WhitelistPlugin(XmlPullParser xmlParser) { | ||||
|         this(new Whitelist(), new Whitelist(), null); | ||||
|         new CustomConfigXmlParser().parse(xmlParser); | ||||
|     } | ||||
|     public WhitelistPlugin(Whitelist allowedNavigations, Whitelist allowedIntents, Whitelist allowedRequests) { | ||||
|         if (allowedRequests == null) { | ||||
|             allowedRequests = new Whitelist(); | ||||
|             allowedRequests.addWhiteListEntry("file:///*", false); | ||||
|             allowedRequests.addWhiteListEntry("data:*", false); | ||||
|         } | ||||
|         this.allowedNavigations = allowedNavigations; | ||||
|         this.allowedIntents = allowedIntents; | ||||
|         this.allowedRequests = allowedRequests; | ||||
|     } | ||||
|     @Override | ||||
|     public void pluginInitialize() { | ||||
|         if (allowedNavigations == null) { | ||||
|             allowedNavigations = new Whitelist(); | ||||
|             allowedIntents = new Whitelist(); | ||||
|             allowedRequests = new Whitelist(); | ||||
|             new CustomConfigXmlParser().parse(webView.getContext()); | ||||
|         } | ||||
|     } | ||||
| 
 | ||||
|     private class CustomConfigXmlParser extends ConfigXmlParser { | ||||
|         @Override | ||||
|         public void handleStartTag(XmlPullParser xml) { | ||||
|             String strNode = xml.getName(); | ||||
|             if (strNode.equals("content")) { | ||||
|                 String startPage = xml.getAttributeValue(null, "src"); | ||||
|                 allowedNavigations.addWhiteListEntry(startPage, false); | ||||
|             } else if (strNode.equals("allow-navigation")) { | ||||
|                 String origin = xml.getAttributeValue(null, "href"); | ||||
|                 if ("*".equals(origin)) { | ||||
|                     allowedNavigations.addWhiteListEntry("http://*/*", false); | ||||
|                     allowedNavigations.addWhiteListEntry("https://*/*", false); | ||||
|                     allowedNavigations.addWhiteListEntry("data:*", false); | ||||
|                 } else { | ||||
|                     allowedNavigations.addWhiteListEntry(origin, false); | ||||
|                 } | ||||
|             } else if (strNode.equals("allow-intent")) { | ||||
|                 String origin = xml.getAttributeValue(null, "href"); | ||||
|                 allowedIntents.addWhiteListEntry(origin, false); | ||||
|             } else if (strNode.equals("access")) { | ||||
|                 String origin = xml.getAttributeValue(null, "origin"); | ||||
|                 String subdomains = xml.getAttributeValue(null, "subdomains"); | ||||
|                 boolean external = (xml.getAttributeValue(null, "launch-external") != null); | ||||
|                 if (origin != null) { | ||||
|                     if (external) { | ||||
|                         LOG.w(LOG_TAG, "Found <access launch-external> within config.xml. Please use <allow-intent> instead."); | ||||
|                         allowedIntents.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0)); | ||||
|                     } else { | ||||
|                         if ("*".equals(origin)) { | ||||
|                             allowedRequests.addWhiteListEntry("http://*/*", false); | ||||
|                             allowedRequests.addWhiteListEntry("https://*/*", false); | ||||
|                         } else { | ||||
|                             allowedRequests.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0)); | ||||
|                         } | ||||
|                     } | ||||
|                 } | ||||
|             } | ||||
|         } | ||||
|         @Override | ||||
|         public void handleEndTag(XmlPullParser xml) { | ||||
|         } | ||||
|     } | ||||
| 
 | ||||
|     @Override | ||||
|     public Boolean shouldAllowNavigation(String url) { | ||||
|         if (allowedNavigations.isUrlWhiteListed(url)) { | ||||
|             return true; | ||||
|         } | ||||
|         return null; // Default policy | ||||
|     } | ||||
| 
 | ||||
|     @Override | ||||
|     public Boolean shouldAllowRequest(String url) { | ||||
|         if (Boolean.TRUE == shouldAllowNavigation(url)) { | ||||
|             return true; | ||||
|         } | ||||
|         if (allowedRequests.isUrlWhiteListed(url)) { | ||||
|             return true; | ||||
|         } | ||||
|         return null; // Default policy | ||||
|     } | ||||
| 
 | ||||
|     @Override | ||||
|     public Boolean shouldOpenExternalUrl(String url) { | ||||
|         if (allowedIntents.isUrlWhiteListed(url)) { | ||||
|             return true; | ||||
|         } | ||||
|         return null; // Default policy | ||||
|     } | ||||
| 
 | ||||
|     public Whitelist getAllowedNavigations() { | ||||
|         return allowedNavigations; | ||||
|     } | ||||
| 
 | ||||
|     public void setAllowedNavigations(Whitelist allowedNavigations) { | ||||
|         this.allowedNavigations = allowedNavigations; | ||||
|     } | ||||
| 
 | ||||
|     public Whitelist getAllowedIntents() { | ||||
|         return allowedIntents; | ||||
|     } | ||||
| 
 | ||||
|     public void setAllowedIntents(Whitelist allowedIntents) { | ||||
|         this.allowedIntents = allowedIntents; | ||||
|     } | ||||
| 
 | ||||
|     public Whitelist getAllowedRequests() { | ||||
|         return allowedRequests; | ||||
|     } | ||||
| 
 | ||||
|     public void setAllowedRequests(Whitelist allowedRequests) { | ||||
|         this.allowedRequests = allowedRequests; | ||||
|     } | ||||
| } | ||||
		Loading…
	
		Reference in New Issue
	
	Block a user