[jira] [Commented] (CB-11270) [QUESTION] Is whitelist intent filter working as intended?

ASF GitHub Bot (JIRA) Wed, 03 Aug 2016 08:23:10 -0700

    [ 
https://issues.apache.org/jira/browse/CB-11270?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15406054#comment-15406054
 ]


ASF GitHub Bot commented on CB-11270:
-------------------------------------

Github user tony-- commented on a diff in the pull request:

    https://github.com/apache/cordova-ios/pull/232#discussion_r73358362
  
    --- Diff: tests/CordovaLibTests/CDVWhitelistTests.m ---
    @@ -295,6 +295,37 @@ - (void)testAllowIntentsAndNavigations
         XCTAssertEqual([CDVIntentAndNavigationFilter filterUrl:[NSURL 
URLWithString:@"https://google.com";] intentsWhitelist:intentsWhitelist 
navigationsWhitelist:navigationsWhitelist], 
CDVIntentAndNavigationFilterValueIntentAllowed);
         // Test http (not allowed in either)
         XCTAssertEqual([CDVIntentAndNavigationFilter filterUrl:[NSURL 
URLWithString:@"http://google.com";] intentsWhitelist:intentsWhitelist 
navigationsWhitelist:navigationsWhitelist], 
CDVIntentAndNavigationFilterValueNoneAllowed);
    +    
    +    
    +    NSURL* telUrl = [NSURL URLWithString:@"tel:5555555"];
    +    NSMutableURLRequest* telRequest = [NSMutableURLRequest 
requestWithURL:telUrl];
    +    telRequest.mainDocumentURL = telUrl;
    +    
    +    // mainDocumentURL and URL are the same in the NSURLRequest
    +    // Only UIWebViewNavigationTypeLinkClicked and 
UIWebViewNavigationTypeOther should return YES
    +    XCTAssertTrue([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest 
navigationType:UIWebViewNavigationTypeLinkClicked]);
    +    XCTAssertTrue([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest navigationType:UIWebViewNavigationTypeOther]);
    +    XCTAssertFalse([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest navigationType:UIWebViewNavigationTypeReload]);
    +    XCTAssertFalse([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest 
navigationType:UIWebViewNavigationTypeBackForward]);
    +    XCTAssertFalse([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest 
navigationType:UIWebViewNavigationTypeFormSubmitted]);
    +    XCTAssertFalse([CDVIntentAndNavigationFilter 
shouldOpenURLRequest:telRequest 
navigationType:UIWebViewNavigationTypeFormResubmitted]);
    +    
    --- End diff --
    
    Would it make sense to test the intent-allowed case?  This currently fails 
- see comment in comments section.
    ```    
        // Only CDVIntentAndNavigationFilterValueIntentAllowed and 
CDVIntentAndNavigationFilterValueNavigationAllowed should return YES
        XCTAssertTrue([CDVIntentAndNavigationFilter 
shouldOverrideLoadWithRequest:telRequest 
navigationType:UIWebViewNavigationTypeOther 
filterValue:CDVIntentAndNavigationFilterValueNavigationAllowed]);
        XCTAssertTrue([CDVIntentAndNavigationFilter 
shouldOverrideLoadWithRequest:telRequest 
navigationType:UIWebViewNavigationTypeOther 
filterValue:CDVIntentAndNavigationFilterValueIntentAllowed]);
        XCTAssertFalse([CDVIntentAndNavigationFilter 
shouldOverrideLoadWithRequest:telRequest 
navigationType:UIWebViewNavigationTypeOther 
filterValue:CDVIntentAndNavigationFilterValueNoneAllowed]);
    
    ```


> [QUESTION] Is whitelist intent filter working as intended?
> ----------------------------------------------------------
>
>                 Key: CB-11270
>                 URL: https://issues.apache.org/jira/browse/CB-11270
>             Project: Apache Cordova
>          Issue Type: Improvement
>          Components: iOS
>            Reporter: Tony Homer
>            Assignee: Shazron Abdullah
>
> In 3.8.0, given an intent directive like 
> {code}
> <allow-intent href="tel:*" />
> {code}
> , interacting with any of the following elements would result in tel: 
> requests that would all be allowed:
> {code}
> <a id="tel-button" href="tel:777777777">do tel with a.href</a>
> <a id="tel-a-onclick" onclick="document.location.href='tel:777777777';">do 
> tel with a.onclick</a>
> <button id="tel-button" onclick="document.location.href='tel:777777777';">do 
> tel with button.onclick</button>
> {code}
> However, in 4.1.1, only the first interaction will be allowed.
> This is because intent directives are only applied to the 
> UIWebViewNavigationTypeLinkClicked navigationType (the navigationType for the 
> second and third examples is UIWebViewNavigationTypeOther).
> Is this working as intended?
> It seems that either the whitelist intent filter in 4+ is not working as 
> intended or, if working as intended, the documentation should be improved to 
> spell out this case.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (CB-11270) [QUESTION] Is whitelist intent filter working as intended?

Reply via email to