fix(PluginManager): AllowBridgeAccess default policy to handle scheme & hostname (#1332)

Author: erisu

framework/src/org/apache/cordova/AllowListPlugin.java

@@ -82,11 +82,6 @@ public void handleStartTag(XmlPullParser xml) {
             if (strNode.equals("content")) {
                 String startPage = xml.getAttributeValue(null, "src");
                 allowedNavigations.addAllowListEntry(startPage, false);
-
-                // Allow origin for WebViewAssetLoader
-                if (!this.prefs.getBoolean("AndroidInsecureFileModeEnabled", false)) {
-                    allowedNavigations.addAllowListEntry("https://" + this.prefs.getString("hostname", "localhost"), false);
-                }
             } else if (strNode.equals("allow-navigation")) {
                 String origin = xml.getAttributeValue(null, "href");
                 if ("*".equals(origin)) {

framework/src/org/apache/cordova/PluginManager.java

@@ -41,6 +41,12 @@ Licensed to the Apache Software Foundation (ASF) under one
  */
 public class PluginManager {
     private static String TAG = "PluginManager";
+
+    // @todo same as ConfigXmlParser. Research centralizing ideas, maybe create CordovaConstants
+    private static String SCHEME_HTTPS = "https";
+    // @todo same as ConfigXmlParser. Research centralizing ideas, maybe create CordovaConstants
+    private static String DEFAULT_HOSTNAME = "localhost";
+
     private static final int SLOW_EXEC_WARNING_THRESHOLD = Debug.isDebuggerConnected() ? 60 : 16;
 
     // List of service entries
@@ -366,6 +372,24 @@ public void onNewIntent(Intent intent) {
         }
     }
 
+    /**
+     * @todo should we move this somewhere public and accessible by all plugins?
+     * For now, it is placed where it is used and kept private so we can decide later and move without causing a breaking change.
+     * An ideal location might be in the "ConfigXmlParser" at the time it generates the "launchUrl".
+     *
+     * @todo should we be restrictive on the "file://" return? e.g. "file:///android_asset/www/"
+     * Would be considered as a breaking change if we apply a more granular check.
+     */
+    private String getLaunchUrlPrefix() {
+        if (!app.getPreferences().getBoolean("AndroidInsecureFileModeEnabled", false)) {
+            String scheme = app.getPreferences().getString("scheme", SCHEME_HTTPS).toLowerCase();
+            String hostname = app.getPreferences().getString("hostname", DEFAULT_HOSTNAME);
+            return scheme + "://" + hostname + '/';
+        }
+
+        return "file://";
+    }
+
     /**
      * Called when the webview is going to request an external resource.
      *
@@ -452,7 +476,7 @@ public boolean shouldAllowBridgeAccess(String url) {
         }
 
         // Default policy:
-        return url.startsWith("file://");
+        return url.startsWith(getLaunchUrlPrefix());
     }
 
     /**