Closed luchua-bc closed 4 years ago
Hi Luc,
thanks for noticing this. You're right, the url.contains(...)
was a quick workaround to enable 3rd party urls in browser.
When changing this, I'd however try to clean up the surrounding if this is fine with you, see my review comments.
I see no other issues in merging, lgtm
Best, Leo
Hi Leo,
Thanks for reviewing the PR. I've committed requested changes.
Cheers, Luc
Thanks! Changes are merged. Will be in the next release comeing this weekend.
Best, Leo
Good afternoon Leonhard,
Your repository WhatsappWebToGo is a very popular one with many stars and forks, which is a nice project helping the open source community to develop Android apps with webviews.
I noticed an issue that its URL validation has a flaw, which doesn't validate the full domain. Currently it checks:
With this implementation, the validation will succeed as long as the text
web.whatsapp.com
is in the hostname or path portion of the Uri. For example, the following URLs in the domain ofexample.com
will be trusted:I think the desired behaviour is:
Would you please investigate and merge my pull request if you agree?
Thanks @92lleo in advance for looking into this pull request.
Luc