Skip to content

Commit

Permalink
Merge pull request #436 from purplecabbage/ValidateCallbackId
Browse files Browse the repository at this point in the history
[android] Prevent malformed callbackId from reaching app cordova view
  • Loading branch information
purplecabbage authored Mar 2, 2019
2 parents 92243cd + 6861084 commit c95dbcb
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions src/android/InAppChromeClient.java
Original file line number Diff line number Diff line change
Expand Up @@ -104,7 +104,7 @@ public boolean onJsPrompt(WebView view, String url, String message, String defau
if(defaultValue.startsWith("gap-iab://")) {
PluginResult scriptResult;
String scriptCallbackId = defaultValue.substring(10);
if (scriptCallbackId.startsWith("InAppBrowser")) {
if (scriptCallbackId.matches("^InAppBrowser[0-9]{1,10}$")) {
if(message == null || message.length() == 0) {
scriptResult = new PluginResult(PluginResult.Status.OK, new JSONArray());
} else {
Expand All @@ -118,9 +118,14 @@ public boolean onJsPrompt(WebView view, String url, String message, String defau
result.confirm("");
return true;
}
else {
// Anything else that doesn't look like InAppBrowser0123456789 should end up here
LOG.w(LOG_TAG, "InAppBrowser callback called with invalid callbackId : "+ scriptCallbackId);
result.cancel();
return true;
}
}
else
{
else {
// Anything else with a gap: prefix should get this message
LOG.w(LOG_TAG, "InAppBrowser does not support Cordova API calls: " + url + " " + defaultValue);
result.cancel();
Expand Down

0 comments on commit c95dbcb

Please sign in to comment.