android - Building Web Apps in WebView

》 When developing a web application that's designed specifically for the WebView in your Android application, you can create interfaces between your JavaScript code and client-side Android code. For example, your JavaScript code can call a method in your Android
code to display a Dialog, instead of using JavaScript's alert()function.

》 Caution: If you've set your targetSdkVersion to 17 or higher, you must add the @JavascriptInterfaceannotation to any method that you want available to your JavaScript (the method must also be public). If you do not provide the annotation, the method is not
accessible by your web page when running on Android 4.2 or higher.

》To bind a new interface between your JavaScript and Android code, call addJavascriptInterface(), passing it a class instance to bind to your JavaScript and an interface name that your JavaScript can call to access the class.

For example, you can include the following class in your Android application:

public class WebAppInterface {

Context mContext;

/** Instantiate the interface and set the context */

WebAppInterface(Context c) {

mContext = c;

}

/** Show a toast from the web page */

@JavascriptInterface

public void showToast(String toast) {

Toast.makeText(mContext, toast, Toast.LENGTH_SHORT).show();

}

}

<input type="button" value="Say hello" onClick="showAndroidToast('Hello Android!')" />

<script type="text/javascript">

function showAndroidToast(toast) {

Android.showToast(toast);

}

</script>

There's no need to initialize the Android interface from JavaScript. The WebView automatically makes it available to your web page. So, at the click of the button, the showAndroidToast() function uses the Androidinterface to call the WebAppInterface.showToast()
method.

Note: The object that is bound to your JavaScript runs in another thread and not in the thread in which it was constructed.

Caution: Using addJavascriptInterface() allows JavaScript to control your Android application. This can be a very useful feature or a dangerous security issue. When the HTML in the WebView is untrustworthy (for example, part or all of the HTML is provided by
an unknown person or process), then an attacker can include HTML that executes your client-side code and possibly any code of the attacker's choosing. As such, you should not use addJavascriptInterface() unless you wrote all of the HTML and JavaScript that
appears in your WebView. You should also not allow the user to navigate to other web pages that are not your own, within your WebView (instead, allow the user's default browser application to open foreign links—by default, the user's web browser opens all
URL links, so be careful only if you handle page navigation as described in the following section).

When your WebView overrides URL loading, it automatically accumulates a history of visited web pages. You can navigate backward and forward through the history with goBack() and goForward().

@Override

public boolean onKeyDown(int keyCode, KeyEvent event) {

// Check if the key event was the Back button and if there's history

if ((keyCode == KeyEvent.KEYCODE_BACK) && myWebView.canGoBack()) {

myWebView.goBack();

return true;

}

// If it wasn't the Back key or there's no web page history, bubble up to the default

// system behavior (probably exit the activity)

return super.onKeyDown(keyCode, event);

}

The canGoBack() method returns true if there is actually web page history for the user to visit. Likewise, you can use canGoForward() to check whether there is a forward history. If you don't perform this check, then once the user reaches the end of the history,
goBack() or goForward() does nothing.