162 lines
6.2 KiB
Java
162 lines
6.2 KiB
Java
/*
|
|
Licensed to the Apache Software Foundation (ASF) under one
|
|
or more contributor license agreements. See the NOTICE file
|
|
distributed with this work for additional information
|
|
regarding copyright ownership. The ASF licenses this file
|
|
to you under the Apache License, Version 2.0 (the
|
|
"License"); you may not use this file except in compliance
|
|
with the License. You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing,
|
|
software distributed under the License is distributed on an
|
|
"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
KIND, either express or implied. See the License for the
|
|
specific language governing permissions and limitations
|
|
under the License.
|
|
*/
|
|
|
|
package org.apache.cordova.whitelist;
|
|
|
|
import org.apache.cordova.CordovaPlugin;
|
|
import org.apache.cordova.ConfigXmlParser;
|
|
import org.apache.cordova.LOG;
|
|
import org.apache.cordova.Whitelist;
|
|
import org.xmlpull.v1.XmlPullParser;
|
|
|
|
import android.content.Context;
|
|
|
|
public class WhitelistPlugin extends CordovaPlugin {
|
|
private static final String LOG_TAG = "WhitelistPlugin";
|
|
private Whitelist allowedNavigations;
|
|
private Whitelist allowedIntents;
|
|
private Whitelist allowedRequests;
|
|
|
|
// Used when instantiated via reflection by PluginManager
|
|
public WhitelistPlugin() {
|
|
}
|
|
// These can be used by embedders to allow Java-configuration of whitelists.
|
|
public WhitelistPlugin(Context context) {
|
|
this(new Whitelist(), new Whitelist(), null);
|
|
new CustomConfigXmlParser().parse(context);
|
|
}
|
|
public WhitelistPlugin(XmlPullParser xmlParser) {
|
|
this(new Whitelist(), new Whitelist(), null);
|
|
new CustomConfigXmlParser().parse(xmlParser);
|
|
}
|
|
public WhitelistPlugin(Whitelist allowedNavigations, Whitelist allowedIntents, Whitelist allowedRequests) {
|
|
if (allowedRequests == null) {
|
|
allowedRequests = new Whitelist();
|
|
allowedRequests.addWhiteListEntry("file:///*", false);
|
|
allowedRequests.addWhiteListEntry("data:*", false);
|
|
}
|
|
this.allowedNavigations = allowedNavigations;
|
|
this.allowedIntents = allowedIntents;
|
|
this.allowedRequests = allowedRequests;
|
|
}
|
|
@Override
|
|
public void pluginInitialize() {
|
|
if (allowedNavigations == null) {
|
|
allowedNavigations = new Whitelist();
|
|
allowedIntents = new Whitelist();
|
|
allowedRequests = new Whitelist();
|
|
new CustomConfigXmlParser().parse(webView.getContext());
|
|
}
|
|
}
|
|
|
|
private class CustomConfigXmlParser extends ConfigXmlParser {
|
|
@Override
|
|
public void handleStartTag(XmlPullParser xml) {
|
|
String strNode = xml.getName();
|
|
if (strNode.equals("content")) {
|
|
String startPage = xml.getAttributeValue(null, "src");
|
|
allowedNavigations.addWhiteListEntry(startPage, false);
|
|
} else if (strNode.equals("allow-navigation")) {
|
|
String origin = xml.getAttributeValue(null, "href");
|
|
if ("*".equals(origin)) {
|
|
allowedNavigations.addWhiteListEntry("http://*/*", false);
|
|
allowedNavigations.addWhiteListEntry("https://*/*", false);
|
|
allowedNavigations.addWhiteListEntry("data:*", false);
|
|
} else {
|
|
allowedNavigations.addWhiteListEntry(origin, false);
|
|
}
|
|
} else if (strNode.equals("allow-intent")) {
|
|
String origin = xml.getAttributeValue(null, "href");
|
|
allowedIntents.addWhiteListEntry(origin, false);
|
|
} else if (strNode.equals("access")) {
|
|
String origin = xml.getAttributeValue(null, "origin");
|
|
String subdomains = xml.getAttributeValue(null, "subdomains");
|
|
boolean external = (xml.getAttributeValue(null, "launch-external") != null);
|
|
if (origin != null) {
|
|
if (external) {
|
|
LOG.w(LOG_TAG, "Found <access launch-external> within config.xml. Please use <allow-intent> instead.");
|
|
allowedIntents.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
|
|
} else {
|
|
if ("*".equals(origin)) {
|
|
allowedRequests.addWhiteListEntry("http://*/*", false);
|
|
allowedRequests.addWhiteListEntry("https://*/*", false);
|
|
} else {
|
|
allowedRequests.addWhiteListEntry(origin, (subdomains != null) && (subdomains.compareToIgnoreCase("true") == 0));
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
@Override
|
|
public void handleEndTag(XmlPullParser xml) {
|
|
}
|
|
}
|
|
|
|
@Override
|
|
public Boolean shouldAllowNavigation(String url) {
|
|
if (allowedNavigations.isUrlWhiteListed(url)) {
|
|
return true;
|
|
}
|
|
return null; // Default policy
|
|
}
|
|
|
|
@Override
|
|
public Boolean shouldAllowRequest(String url) {
|
|
if (Boolean.TRUE == shouldAllowNavigation(url)) {
|
|
return true;
|
|
}
|
|
if (allowedRequests.isUrlWhiteListed(url)) {
|
|
return true;
|
|
}
|
|
return null; // Default policy
|
|
}
|
|
|
|
@Override
|
|
public Boolean shouldOpenExternalUrl(String url) {
|
|
if (allowedIntents.isUrlWhiteListed(url)) {
|
|
return true;
|
|
}
|
|
return null; // Default policy
|
|
}
|
|
|
|
public Whitelist getAllowedNavigations() {
|
|
return allowedNavigations;
|
|
}
|
|
|
|
public void setAllowedNavigations(Whitelist allowedNavigations) {
|
|
this.allowedNavigations = allowedNavigations;
|
|
}
|
|
|
|
public Whitelist getAllowedIntents() {
|
|
return allowedIntents;
|
|
}
|
|
|
|
public void setAllowedIntents(Whitelist allowedIntents) {
|
|
this.allowedIntents = allowedIntents;
|
|
}
|
|
|
|
public Whitelist getAllowedRequests() {
|
|
return allowedRequests;
|
|
}
|
|
|
|
public void setAllowedRequests(Whitelist allowedRequests) {
|
|
this.allowedRequests = allowedRequests;
|
|
}
|
|
}
|