From 8626caa41609b0175d4b943db26ee49f4224f855 Mon Sep 17 00:00:00 2001 From: Martin Williams Date: Wed, 24 Jul 2024 16:33:34 +0100 Subject: [PATCH] MakeCode - whitelist URLs; change back action (#72) Including cases for GitHub URLs, so About links are exported --- .../microbit/ui/activity/MakeCodeWebView.java | 122 +++++++++++++++--- 1 file changed, 105 insertions(+), 17 deletions(-) diff --git a/app/src/main/java/com/samsung/microbit/ui/activity/MakeCodeWebView.java b/app/src/main/java/com/samsung/microbit/ui/activity/MakeCodeWebView.java index fe19035e..51023d62 100644 --- a/app/src/main/java/com/samsung/microbit/ui/activity/MakeCodeWebView.java +++ b/app/src/main/java/com/samsung/microbit/ui/activity/MakeCodeWebView.java @@ -1,11 +1,9 @@ package com.samsung.microbit.ui.activity; import android.app.Activity; -import android.content.Context; import android.content.Intent; import android.net.Uri; import android.os.Bundle; -import android.os.Environment; import android.os.Handler; import android.os.Looper; import android.util.Base64; @@ -15,6 +13,7 @@ import android.webkit.JavascriptInterface; import android.webkit.ValueCallback; import android.webkit.WebChromeClient; +import android.webkit.WebResourceRequest; import android.webkit.WebSettings; import android.webkit.WebView; import android.webkit.WebViewClient; @@ -27,11 +26,7 @@ import com.samsung.microbit.utils.ProjectsHelper; import java.io.File; -import java.io.FileInputStream; import java.io.FileOutputStream; -import java.io.IOException; -import java.io.InputStream; -import java.io.OutputStream; import static android.content.ContentValues.TAG; @@ -43,7 +38,7 @@ public class MakeCodeWebView extends Activity implements View.OnClickListener { private WebView webView; public static String makecodeUrl = "https://makecode.microbit.org/?androidapp=" + BuildConfig.VERSION_CODE; - public static Activity activityHandle = null; + public static MakeCodeWebView activityHandle = null; boolean projectDownload = false; @@ -53,6 +48,10 @@ public class MakeCodeWebView extends Activity implements View.OnClickListener { private byte[] dataToSave = null; private ValueCallback onShowFileChooser_filePathCallback; + private boolean mRelaunchOnFinishNavigation = false; + private String mRelaunchURL = makecodeUrl; + + public static void setMakecodeUrl(String url) { makecodeUrl = url; } @@ -93,13 +92,13 @@ protected void onCreate(Bundle savedInstanceState) { webView.setWebViewClient(new WebViewClient() { @Override - public boolean shouldOverrideUrlLoading(WebView view, String url) { - Log.v(TAG, "url: " + url); - if (url.contains("https://microbit.org/")) { - MBApp.getAppState().eventPairMakeCodeEnd(); - activityHandle.finish(); - } - return false; + public boolean shouldOverrideUrlLoading( WebView view, String url) { + Log.v(TAG, "shouldOverrideUrlLoading (legacy) " + url); + return overrideUri( Uri.parse( url)); + } + public boolean shouldOverrideUrlLoading( WebView view, WebResourceRequest request ) { + Log.v(TAG, "shouldOverrideUrlLoading " + request); + return overrideUri( request.getUrl()); } @Override @@ -112,9 +111,26 @@ public void onLoadResource(WebView view, String url) { public void onPageFinished (WebView view, String url) { super.onPageFinished(view, url); Log.v(TAG, "onPageFinished(" + url + ");"); - onPageFinishedJS( view, url); + onPageFinishedJS(view, url); + + if ( url.startsWith( makecodeUrl)) { + mRelaunchURL = makecodeUrl; + String hashEditor = "#editor"; + if ( url.contains( hashEditor)) { + if ( mRelaunchURL.endsWith( "#")) { + mRelaunchURL = mRelaunchURL.substring( 0, mRelaunchURL.length() - 1); + } + mRelaunchURL = mRelaunchURL + hashEditor; + } + Log.v(TAG, "Remember relaunch URL " + mRelaunchURL); + } + + if ( mRelaunchOnFinishNavigation) { + mRelaunchOnFinishNavigation = false; + webView.loadUrl( mRelaunchURL); + } } - }); //setWebViewClient + }); //setWebViewClient webView.setWebChromeClient(new WebChromeClient() { @Override @@ -251,6 +267,77 @@ else if ( !hexName.isEmpty()) { MBApp.getAppState().eventPairMakeCodeBegin(); } // onCreate + + private boolean overrideUri( final Uri uri) { + String url = uri.toString().toLowerCase(); + Log.v(TAG, "overrideUri: " + url); + if ( url.contains("https://microbit.org/code")) { + MBApp.getAppState().eventPairMakeCodeEnd(); + finish(); + return true; + } + + String host = uri.getHost(); + String path = uri.getPath(); + host = host == null ? "" : host.toLowerCase(); + path = path == null ? "" : path.toLowerCase(); + + if ( host.equals("makecode.microbit.org")) { + if ( url.startsWith( makecodeUrl)) + return false; + else if ( path.startsWith( "/oauth/login")) + return false; + else if ( path.equals( "/") && uri.getQueryParameter("authcallback") != null) + return false; + } + else if ( host.equals( "makecode.com")) { + if ( path.startsWith("/oauth/callback")) + return false; + else if ( path.startsWith("/auth/callback")) + return false; + } + else if ( host.equals( "login.live.com")) + return false; + else if ( host.equals( "login.microsoftonline.com")) + return false; + else if ( host.equals( "www.pxt.io")) + return false; + else if ( host.equals( "trg-microbit.userpxt.io")) + return false; + else if ( host.equals( "pxt.azureedge.net")) + return false; + else if ( host.equals( "accounts.google.com")) + return false; + else if ( host.equals( "clever.com")) + return false; + else if ( host.equals( "github.com")) { + if ( path.startsWith( "/login/oauth/")) + return false; + if ( path.equals( "/login")) + return false; + if ( path.startsWith( "/sessions/")) + return false; + if ( path.equals( "/logout")) + return false; + // When signing out of GitHub, relaunch MakeCode, + // otherwise it takes 2 or 3 "backs" to return to MakeCode + if ( path.equals( "/")) { + mRelaunchOnFinishNavigation = true; + return false; + } + } + + openUri( uri); + return true; + } + + void openUri( Uri uri) { + Log.v(TAG, "openUri: " + uri); + Intent intent = new Intent(Intent.ACTION_VIEW); + intent.setData( uri); + startActivity(intent); + } + private void saveData( String name, String mimetype, byte[] data) { Intent intent = new Intent(Intent.ACTION_CREATE_DOCUMENT); intent.addCategory(Intent.CATEGORY_OPENABLE); @@ -297,7 +384,8 @@ public File getProjectFile( String hexName) @Override public void onBackPressed() { - if(webView.canGoBack()) { + String url = webView.getUrl(); + if ( url != null && !url.startsWith( makecodeUrl) && webView.canGoBack()) { webView.goBack(); } else { super.onBackPressed();