您的位置:首页 > 移动开发

WebView中的JsBridge(Hybrid),WebViewClient和WebChromeClient及安全漏洞

2017-07-05 14:51 459 查看
WebView形象的理解上述流程从一个loadUrl来看,详细流程如下:

Browser.loadUrl  ------>  WebView.loadUrl  ------->  WebViewChromium.loadUrl   -------->  AwContents.loadUrl  ------>  ContentViewCore.loadUrl

> JsBridge

WebView中的网页进行交互,点击网页通过接口进行原生处理,

Android 各个版本WebView- http://blog.csdn.NET/typename/article/details/40425275
JsBridge基于https://github.com/lzyzsd/JsBridge 优化改进而来的Android JsBridge-https://github.com/hjhrq1991/JsBridge

JSBridge框架,JS和native通信的桥梁- https://github.com/firewolf-ljw/WebViewJSBridge 
webview实现h5视频全屏播放兼容Android7.0,自己添加webview库兼容全部版本-http://blog.csdn.net/insist_hui/article/details/58172859  https://github.com/lshAndroid/WebviewTBS/tree/master

JsBridge实现Js与Java的互相调用- https://github.com/lzyzsd/JsBridge  WebViewJavascriptBridge框架- https://github.com/marcuswestin/WebViewJavascriptBridge
Android4.2下 WebView的addJavascriptInterface漏洞解决方案(@JavascriptInterface)- http://blog.csdn.net/zhouyongyang621/article/details/47000041
> 拦截网络URL请求

  webview拦截请求- http://blog.csdn.net/knxw0001/article/details/10903055
Android 拦截WebView加载URL,控制其加载CSS、JS资源- http://blog.csdn.net/lyhhj/article/details/49517537
Android中WebView拦截js请求- http://blog.csdn.net/wang8651971/article/details/45584117 
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
if (url.startsWith(kCustomProtocolScheme)) {
if (url.indexOf(kQueueHasMessage) > 0) {
flushMessageQueue();
}
return true;
}

return super.shouldOverrideUrlLoading(view, url);
}

@Override
public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
//TODO
String fileName = null;
WebResourceResponse response = null;
if (url.contains("logo")) {
try {
InputStream localCopy = NyApplication.getInstance().getAssets().open("droidyue.png");
response = new WebResourceResponse("image/png", "UTF-8", localCopy);
} catch (IOException e) {
e.printStackTrace();
}
}

if(url.contains("/base.css")){
LogUtil.e(",WVJBWebViewClient,shouldOverrideUrlLoading()","url="+url);
//       webView.loadUrl("file:///android_asset/pages/css/base.css");
}else if(url.contains("/netyun/css/textitem.css")){
LogUtil.e(",WVJBWebViewClient,shouldOverrideUrlLoading()","url="+url);
//       webView.loadUrl("file:///android_asset/pages/css/textitem.css");

}else if(url.contains("/js/item.js")){
LogUtil.e(",WVJBWebViewClient,shouldOverrideUrlLoading()","url="+url);
//       webView.loadUrl("file:///android_asset/pages/js/item.js");

}else if(url.contains("/libs/requirejs/require.js")){
LogUtil.e(",WVJBWebViewClient,shouldOverrideUrlLoading()","url="+url);
//       webView.loadUrl("file:///android_asset/pages/js/require.js");

}else{

}
try {
InputStream localCopy = NyApplication.getInstance().getAssets().open("droidyue.png");
response = new WebResourceResponse("image/png", "UTF-8", localCopy);
}catch (IOException e) {
e.printStackTrace();
}

return response;
//    return super.shouldInterceptRequest(view, url);
}

@Override
public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
return super.shouldInterceptRequest(view, request);
}


 > WebView中WebViewClient和WebChromeClient区别与联系

WebViewClient用于帮助WebView处理各种通知和请求事件;
而WebChromeClient更丰富一些,帮助WebView处理Javascript各类对话框、弹窗等等。

Hybrid App知识点收集- http://blog.csdn.net/qq_27429143/article/details/78916163
 1.拦截JS对话框 WebView.setWebChromeClient(new WebChromeClient(){});

 2. WebView拦截某一个链接不执行此链接或拦截URL或拦截H5页面点击之后的URL

Android webView拦截url- http://blog.csdn.net/u010694658/article/details/52388287
// 此回调是拦截点击要跳转的url链接,并对请求的url链接做修改(添加删除字段)

public WebResourceResponse shouldInterceptRequest(WebView view, String url) 

// 在点击请求的是链接是才会调用,重写此方法返回true表明点击网页里面的链接还是在当前的webview里跳转,不跳到浏览器那边。这个函数我们可以做很多操作,比如我们读取到某些特殊的URL,于是就可以不打开地址,取消这个操作,进行预先定义的其他操作,这对一个程序是非常必要的。

public boolean shouldOverrideUrlLoading(WebView view, String url)

 1.WebViewClient比较基础的方法,帮助WebView处理各种通知和请求事件;

//处理webView的按键事件

boolean shouldOverrideKeyEvent(WebView view, KeyEvent event)

//截取url请求,在当前视图加载,避免在跳转到自带浏览器

boolean shouldOverrideUrlLoading(WebView view, String url)

//WebView改变时调用

void onScaleChanged(WebView view, float oldScale, float newScale)

//对https的请求处理

void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error)

//获取返回信息授权

void onReceivedHttpAuthRequest(WebView view, HttpAuthHandler handler, String host, String realm)

//处理报错信息(API23以后用第二个)

void onReceivedError(WebView view, int errorCode, String description, String failingUrl)

void onReceivedError(WebView view, WebResourceRequest request, WebResourceError error)

//页面开始载入时调用

void onPageStarted(WebView view, String url, Bitmap favicon)

//页面载入结束时调用

void onPageFinished(WebView view, String url)

//加载资源时调用
void onLoadResource(WebView view, String url)

webView.setJavaScriptEnabled(true)影响Activity的生命周期

//Agent设置

//     WebSettings webSettings = wvPagePV.getSettings();

//     wvPagePV.getSettings().setJavaScriptEnabled(true); // 支持js互调,影响Activity的生命周期

        wvPagePV.getSettings().setUserAgentString(wvPagePV.getSettings().getUserAgentString() + "/netwin/" + MyUtils.getVersionName(mContext));

            wvPagePV.loadUrl(newsDetail.newsUrl); 

wvPagePV.setWebViewClient(new WebViewClient(){//拦截URL请求或页面点击
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
LogUtil.e("desaco","url="+url);
return super.shouldOverrideUrlLoading(view, url);
}

@Override
public void onPageStarted(WebView view, String url, Bitmap favicon) {
LogUtil.e("desaco","onPageStarted()");
super.onPageStarted(view, url, favicon);
}

@Override
public void onPageFinished(WebView view, String url) {
LogUtil.e("desaco","onPageFinished()");
super.onPageFinished(view, url);
}

@Override
public void onReceivedError(WebView view, WebResourceRequest request, WebResourceError error) {
super.onReceivedError(view, request, error);
}

@Override
public void onReceivedClientCertRequest(WebView view, ClientCertRequest request) {
super.onReceivedClientCertRequest(view, request);
}
});



  2.WebChromeClient比较基础的方法,帮助WebView处理Javascript各类对话框、弹窗等//webview关闭时调用void onCloseWindow(WebView window)//Js的弹窗boolean onJsAlert(WebView view, String url, String message, JsResult result)//Js提示框boolean onJsPrompt(WebView
view, String url, String message, String defaultValue, JsPromptResult result)//Js确认框boolean onJsConfirm(WebView view, String url, String message, JsResult result)//加载进度void onProgressChanged(WebView view, int newProgress)//全屏模式(API18以后用第二种)onShowCustomView(View
view, WebChromeClient.CustomViewCallback callback)
onShowCustomView(View view, int requestedOrientation, WebChromeClient.CustomViewCallback callback)

wvPagePV.setWebChromeClient(new WebChromeClient() {//拦截JS对话框
@Override
public void onProgressChanged(WebView view, int progress) {
}

@Override
public void onReceivedTitle(WebView view, String title) {
super.onReceivedTitle(view, title);
}

@Override
public boolean onJsAlert(WebView view, String url, String message, JsResult result) {
return super.onJsAlert(view, url, message, result);
}

@Override
public boolean onJsConfirm(WebView view, String url, String message, JsResult result) {
return super.onJsConfirm(view, url, message, result);
}

@Override
public boolean onJsPrompt(WebView view, String url, String message, String defaultValue, JsPromptResult result) {
return super.onJsPrompt(view, url, message, defaultValue, result);
}

@Override
public boolean onJsTimeout() {
return super.onJsTimeout();
}

@Override
public boolean onConsoleMessage(ConsoleMessage consoleMessage) {
return super.onConsoleMessage(consoleMessage);
}

@Override
public void onReceivedIcon(WebView view, Bitmap icon) {
super.onReceivedIcon(view, icon);
}
});


  3. 未开放的重写方法,比如如下:

// For Android 3.0+ 

public void openFileChooser(ValueCallback<Uri> uploadMsg) {...} 

// For Android 3.0+ 

public void openFileChooser(ValueCallback uploadMsg, String acceptType) {...} 

// For Android 4.1 

public void openFileChooser(ValueCallback<Uri> uploadMsg, String acceptType, String capture) {...}

// For Android 5.0+

public boolean onShowFileChooser (WebView webView, ValueCallback<Uri[]> filePathCallback, 

WebChromeClient.FileChooserParams fileChooserParams) {

return true;  
}

4. webView的安全漏洞

webView常见漏洞以及解决方法- http://blog.csdn.net/fulai00/article/details/52921779 
Android4.2下 WebView的addJavascriptInterface漏洞解决方案- http://blog.csdn.net/zhouyongyang621/article/details/47000041 
JS与WebView交互存在的一些问题- http://www.jianshu.com/p/93cea79a2443 
  在Android系统4.3.1~3.0版本,系统webview默认添加了searchBoxJavaBridge_接口,如果未移除该接口可能导致低版本Android系统远程命令执行漏洞;

  修复建议:判断系统版本,显式调用removeJavascriptInterface方法移除searchBoxJavaBridge_接口;

  // 在Android系统4.3.1~3.0版本,系统webview默认添加了searchBoxJavaBridge_接口,如果未移除该接口可能导致低版本Android系统远程命令执行漏洞

  //如果真的需要没有这些漏洞的话,你可以尝试用腾讯的X5内核,和WebView用法一样。
removeJavascriptInterface("searchBoxJavaBridge_");

removeJavascriptInterface("accessibility")  ;

removeJavascriptInterface("accessibilityTraversal");

if(Build.VERSION.SDK_INT == 18)

   mWebView.removeJavascriptInterface("searchBoxJavaBridge_");

if (Build.VERSION.SDK_INT >= 11 && Build.VERSION.SDK_INT < 17) {

try {

 webView.removeJavascriptInterface("searchBoxJavaBridge_");

 webView.removeJavascriptInterface("accessibility");

 webView.removeJavascriptInterface("accessibilityTraversal");

} catch (Throwable tr) {

    tr.printStackTrace();

  }

}
                                            

                                        

                        
                        内容来自用户分享和网络整理,不保证内容的准确性,如有侵权内容,可联系管理员处理 点击这里给我发消息 
                    

                    

                    

                        

                         标签: 
                                                

                        

                    


                

            


            

                
相关文章推荐

                

                
            

        

        

            

            
            

                

                    
新的分享

                    

                        
                    

                

            


            

                

                    
章节导航