From f57ede9be2a824d699c0fa5d6156441e0e0b901b Mon Sep 17 00:00:00 2001
From: Tim Brust <tim.brust@sinnerschrader.com>
Date: Wed, 2 May 2018 20:16:44 +0200
Subject: [PATCH] CB-14061: (android) comply with RFC 3986 for custom URL
 scheme handling

---
 src/android/InAppBrowser.java | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/android/InAppBrowser.java b/src/android/InAppBrowser.java
index 9b3388ced..1453155b5 100644
--- a/src/android/InAppBrowser.java
+++ b/src/android/InAppBrowser.java
@@ -1112,7 +1112,7 @@ else if (url.startsWith("sms:")) {
                 }
             }
             // Test for whitelisted custom scheme names like mycoolapp:// or twitteroauthresponse:// (Twitter Oauth Response)
-            else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[a-z]*://.*?$")) {
+            else if (!url.startsWith("http:") && !url.startsWith("https:") && url.matches("^[A-Za-z0-9+.-]*://.*?$")) {
                 if (allowedSchemes == null) {
                     String allowed = preferences.getString("AllowedSchemes", "");
                     allowedSchemes = allowed.split(",");