search

ionic-team / capacitor

Build cross-platform Native Progressive Web Apps for iOS, Android, and the Web ⚡️
https://capacitorjs.com
MIT License
11.93k stars 996 forks source link

feat: Android, allow setting list of hosts (domain names/IP addresses) that are exempt from SafeBrowsing checks. #5334

Open anttironty opened 2 years ago

anttironty commented 2 years ago

Feature Request

Description

Play-protect sometimes fails checking urls that the webview will be using, when this happens the whole webview slows down remarkably and hurts the ux massively.

When developer notices that the app suffers from this issue, setting list of hosts (domain names/IP addresses) that are exempt from SafeBrowsing checks would fix the issue.

Error seen at android studio logcat:

2021-12-21 15:02:11.312 1559-1627/com.example.app E/GACConnecting: GoogleApiClient connecting is in step STEP_SERVICE_BINDINGS_AND_SIGN_IN but received callback for step STEP_GETTING_REMOTE_SERVICE
    java.lang.Exception
        at lD.j(chromium-SystemWebViewGoogle.aab-stable-466410403:10)
        at lD.g(chromium-SystemWebViewGoogle.aab-stable-466410403:1)
        at uD.g(chromium-SystemWebViewGoogle.aab-stable-466410403:2)
        at bm.g(chromium-SystemWebViewGoogle.aab-stable-466410403:2)
        at wd.c(chromium-SystemWebViewGoogle.aab-stable-466410403:10)
        at qd.a(chromium-SystemWebViewGoogle.aab-stable-466410403:3)
        at rd.handleMessage(chromium-SystemWebViewGoogle.aab-stable-466410403:41)
        at android.os.Handler.dispatchMessage(Handler.java:106)
        at Dt0.dispatchMessage(chromium-SystemWebViewGoogle.aab-stable-466410403:1)
        at android.os.Looper.loop(Looper.java:214)
        at android.os.HandlerThread.run(HandlerThread.java:65)

Related stackoverflow thread https://stackoverflow.com/questions/58725618/where-does-a-googleclientapiconnected-exception-come-from

Platform(s)

Android

Preferred Solution

capacitor.config.ts could have property "safeBrowsingWhitelist" which takes list of urls that should be exempt from SafeBrowsing checks.

Additional Context

My current solution is to modify loadWebView in Bridge.java like this:

if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.O_MR1) {
            String[] urls = {"url", "url1", "url2"};
            List<String> listOfURLs = Arrays.asList(urls);
            webView.setSafeBrowsingWhitelist(listOfURLs, null);
        }
jcesarmobile commented 2 years ago

I have never seen this happen, can you provide a sample app where it can be reproduced?

Apparently safe browsing is enabled by default on any device that supports it, so another option could be to disable safe browsing entirely since Capacitor is not used for browsing.

anttironty commented 2 years ago

I have never seen this happen, can you provide a sample app where it can be reproduced?

Sure, I'll try to scramble some kind of a sample together when I have some spare time.

I'm seeing this currently in capacitor 3.3 app that for example needs to listen websocket and generally speaks alot with different api's. The solution I described in Additional Context part above fixed the issue. Disabling Google-Play-Protect on device also stopped the bug from happening.