92lleo / WhatsappWebToGo

[android] WhatsApp Web client for your phone/tablet with media support
https://f-droid.org/packages/io.kuenzler.whatsappwebtogo
MIT License
264 stars 43 forks

Address the issue related to url validation #26

Closed luchua-bc closed 4 years ago

luchua-bc commented 4 years ago

Good afternoon Leonhard,

Your repository WhatsappWebToGo is a very popular one with many stars and forks, which is a nice project helping the open source community to develop Android apps with webviews.

I noticed an issue that its URL validation has a flaw, which doesn't validate the full domain. Currently it checks:

url.contains("web.whatsapp.com")

With this implementation, the validation will succeed as long as the text web.whatsapp.com is in the hostname or path portion of the Uri. For example, the following URLs in the domain of example.com will be trusted:

https://web.whatsapp.comabc.example.com/anypath/page1.do
https://www.example.com/web.whatsapp.com/page1.do

I think the desired behaviour is:

request.getUrl().getHost().equals("web.whatsapp.com")

Would you please investigate and merge my pull request if you agree?

Thanks @92lleo in advance for looking into this pull request.

Luc
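
The two checks from the comment above, run side by side over its example URLs. This is an added example, not code from the pull request or the project. It assumes `java.net.URI` in place of Android's `Uri` so it runs off-device; the class name, method names, `https` requirement, case-insensitive comparison and the extra sample inputs are also assumptions added here.

```java
import java.net.URI;
import java.net.URISyntaxException;

public class HostCheckDemo {
    static final String TRUSTED_HOST = "web.whatsapp.com";

    // The check the comment describes as flawed: substring match anywhere in the URL.
    static boolean containsCheck(String url) {
        return url.contains(TRUSTED_HOST);
    }

    // Parse first, then compare the host component as a whole.
    static boolean hostCheck(String url) {
        try {
            URI uri = new URI(url);
            // getHost() is null for opaque or host-less URIs (e.g. about:blank),
            // so the constant goes on the left to avoid a NullPointerException.
            String host = uri.getHost();
            // Assumption added here: only https is accepted, and host names are
            // compared case-insensitively because DNS names are not case-sensitive.
            return "https".equalsIgnoreCase(uri.getScheme())
                    && TRUSTED_HOST.equalsIgnoreCase(host);
        } catch (URISyntaxException e) {
            return false; // unparseable input is never trusted
        }
    }

    public static void main(String[] args) {
        // Constructed sample input: the first and last two entries are added
        // here, the middle two are the URLs quoted in the comment.
        String[] urls = {
            "https://web.whatsapp.com/",
            "https://web.whatsapp.comabc.example.com/anypath/page1.do",
            "https://www.example.com/web.whatsapp.com/page1.do",
            "https://WEB.WhatsApp.com/",
            "about:blank",
        };
        for (String u : urls) {
            System.out.printf("%-58s contains=%-5b host=%b%n",
                    u, containsCheck(u), hostCheck(u));
        }
    }
}
```

In a WebView callback the same comparison applies to `request.getUrl().getHost()`, which can also return null, so the constant-first form of `equals` is the safer way to write the line proposed above.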

92lleo commented 4 years ago

Hi Luc,

thanks for noticing this. You're right, the url.contains(...) was a quick workaround to enable 3rd party urls in browser. When changing this, I'd however try to clean up the surrounding if this is fine with you, see my review comments. I see no other issues in merging, lgtm

Best, Leo

luchua-bc commented 4 years ago

Hi Leo,

Thanks for reviewing the PR. I've committed requested changes.

Cheers, Luc

92lleo commented 4 years ago

Thanks! Changes are merged. Will be in the next release coming this weekend.

Best, Leo