From f57ede9be2a824d699c0fa5d6156441e0e0b901b Mon Sep 17 00:00:00 2001 From: Tim Brust Date: Wed, 2 May 2018 20:16:44 +0200 Subject: [PATCH] CB-14061: (android) comply with RFC 3986 for custom URL scheme handling --- src/android/InAppBrowser.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/android/InAppBrowser.java b/src/android/InAppBrowser.java index 9b3388ced..1453155b5 100644 --- a/src/android/InAppBrowser.java +++ b/src/android/InAppBrowser.java @@ -1112,7 +1112,7 @@ else if (url.startsWith("sms:")) { } } // Test for whitelisted custom scheme names like mycoolapp:// or twitteroauthresponse:// (Twitter Oauth Response) - else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]*://.*?$")) { + else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[A-Za-z0-9+.-]*://.*?$")) { if (allowedSchemes == null) { String allowed = preferences.getString("AllowedSchemes", ""); allowedSchemes = allowed.split(",");