[
https://issues.apache.org/jira/browse/CB-10897?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15890763#comment-15890763
]
ASF GitHub Bot commented on CB-10897:
-------------------------------------
Github user infil00p commented on the issue:
https://github.com/apache/cordova-android/pull/283
What's the status for this? I refactored the unit tests so we can actually
have tests that back this code now, as opposed to before where it wasn't quite
as straight forward.
> Cannot access specific non http or https URLs that are Whitelisted
> ------------------------------------------------------------------
>
> Key: CB-10897
> URL: https://issues.apache.org/jira/browse/CB-10897
> Project: Apache Cordova
> Issue Type: Bug
> Components: Plugin Whitelist
> Affects Versions: Master
> Environment: cordova-android 5.1.1
> Reporter: Karen Tran
> Labels: android, whitelist
> Fix For: Master
>
>
> In config.xml when I whitelist specific non http or https URLs such as
> {code}<allow-intent href="mailto:[email protected]"; />{code}
> and in index.html I add a link with that specific URL,
> {code}<a href="mailto:[email protected]";>mailto link</a>{code}
> I cannot access the link when I run the application. If I change the
> allow-intent to use a wildcard, *, I can get it to work.
> {code}<allow-intent href="mailto:*"; />{code}
> The expected behavior is that I should be able to specify an exact URL in the
> whitelist, but I am not able to. I investigated the Whitelist plugin and
> Whitelist.java in cordova-android and I found the issue.
> First I looked at the whitelist itself. URLs from config.xml are added to the
> whitelist correctly. No problems here.
> Next I looked at how the URL from index.html is being compared to the
> whitelist. I traced through with the Android Studio debugger and found this:
> At [Line
> 85|https://github.com/apache/cordova-android/blob/master/framework/src/org/apache/cordova/Whitelist.java#L85]
> of Whitelist.java in cordova-android, there is actually a
> NullPointerException happening, but it didn't get printed out with the Log :(
> (this needs to be fixed). I made some modifications to Whitelist.java so that
> the stack trace gets printed out, along with with values of 'host'.
> {noformat}
> 03-17 13:46:47.399 14000-14000/? I/System.out: uri scheme: mailto
> 03-17 13:46:47.399 14000-14000/? I/System.out: whitelist scheme: mailto
> 03-17 13:46:47.399 14000-14000/? I/System.out: uri host: null
> 03-17 13:46:47.399 14000-14000/? I/System.out: whitelist host:
> ktop500@gmail\.com
> 03-17 13:46:47.400 14000-14000/? W/System.err:
> java.lang.NullPointerException: Attempt to invoke interface method 'int
> java.lang.CharSequence.length()' on a null object reference
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> java.util.regex.Matcher.reset(Matcher.java:177)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> java.util.regex.Matcher.<init>(Matcher.java:90)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> java.util.regex.Pattern.matcher(Pattern.java:297)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.Whitelist$URLPattern.matches(Whitelist.java:88)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.Whitelist.isUrlWhiteListed(Whitelist.java:168)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.whitelist.WhitelistPlugin.shouldOpenExternalUrl(WhitelistPlugin.java:132)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.PluginManager.shouldOpenExternalUrl(PluginManager.java:432)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.CordovaWebViewImpl$EngineClient.onNavigationAttempt(CordovaWebViewImpl.java:605)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.apache.cordova.engine.SystemWebViewClient.shouldOverrideUrlLoading(SystemWebViewClient.java:79)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> com.android.webview.chromium.WebViewContentsClientAdapter.shouldOverrideUrlLoading(WebViewContentsClientAdapter.java:336)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.chromium.android_webview.AwContentsClient.shouldIgnoreNavigation(AwContentsClient.java:168)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.chromium.android_webview.AwContentsClientBridge.shouldOverrideUrlLoading(AwContentsClientBridge.java:265)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.chromium.base.SystemMessageHandler.nativeDoRunLoopOnce(Native Method)
> 03-17 13:46:47.400 14000-14000/? W/System.err: at
> org.chromium.base.SystemMessageHandler.handleMessage(SystemMessageHandler.java:39)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> android.os.Handler.dispatchMessage(Handler.java:102)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> android.os.Looper.loop(Looper.java:135)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> android.app.ActivityThread.main(ActivityThread.java:5254)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> java.lang.reflect.Method.invoke(Native Method)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> java.lang.reflect.Method.invoke(Method.java:372)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:903)
> 03-17 13:46:47.401 14000-14000/? W/System.err: at
> com.android.internal.os.ZygoteInit.main(ZygoteInit.java:698){noformat}
> Whitelist host is correct, so that got parsed correctly, but the Uri host is
> not correct, it is null. We try to call host.matcher(null).matches with a
> null object and therefore got the NPE.
> Working backwards from here, the issue stems from Android's Uri class parsing
> the URL. At [Line
> 158|https://github.com/apache/cordova-android/blob/master/framework/src/org/apache/cordova/Whitelist.java#L158]
> of Whitelist.java, we call:
> {code}Uri parsedUri = Uri.parse(uri);{code}
> Using the debugger, once the uri gets parsed, you'll see that the value of
> 'host' is 'NOT_CACHED'. This is the part where I got lost in Android Uri
> class because it's hard to debug there.
> The conclusion that I came to is that Android's Uri class doesn't parse
> 'host' correctly, but does parse 'scheme' correctly. I also tested market:
> URL and that has the same behavior.
> Android's definition of 'host' is probably different from Cordova's
> definition of 'host' so we should try to use something other than the Uri
> class to parse the URL. Android's definition of 'host' is probably parsed to
> a ':'
> I can try to work on a solution to not use the Uri class to parse.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
