AppLinkTest#testWebViewAppLinkParsingFailure fails on android-19

BoltsFramework / Bolts-Android

Bolts is a collection of low-level libraries designed to make developing mobile apps easier.

http://boltsframework.github.io/Bolts-Android/

MIT License

4.02k stars 519 forks source link

AppLinkTest#testWebViewAppLinkParsingFailure fails on android-19 #43

Open grantland opened 9 years ago

grantland commented 9 years ago

It consistently fails on android-19, but not on android-21.

bolts.AppLinkTest > testWebViewAppLinkParsingFailure[Google Nexus 5 - 5.0.0 - API 21 - 1080x1920 - 5.0] SUCCESS 

bolts.AppLinkTest > testWebViewAppLinkParsingFailure[Motorola Moto X - 4.4.4 - API 19 - 720x1280 - 4.4.4] FAILED 
    junit.framework.AssertionFailedError
    at bolts.AppLinkTest.testWebViewAppLinkParsingFailure(AppLinkTest.java:230)

Full output: https://gist.github.com/grantland/7756822e6912f8021202

hasasn commented 9 years ago

Could this be at all related to

// Inject an object that will receive the JSON for the extracted JavaScript tags
        webView.addJavascriptInterface(new Object() {
          @JavascriptInterface
          public void setValue(String value) {
            try {
              tcs.trySetResult(new JSONArray(value));
            } catch (JSONException e) {
              tcs.trySetError(e);
            }
          }

There are some known security issues with "addJavascriptInterface". https://labs.mwrinfosecurity.com/blog/2013/09/24/webview-addjavascriptinterface-remote-code-execution/