Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Properly escape JavaScript code on Android (#20366)
Summary: These changes will fix executing javascript with any special characters, by making use of the `evaluateJavascript` function on Android 4.4+, and by properly escaping the URI on Android <4.4. Fixes #19611 • Fixes #20365 • Fixes #9749 • Closes #19655 • Closes #12321 This PR supersedes #19655 by patching the same problem in all the places, and fixing it for Android <4.4 as well. Pull Request resolved: #20366 Differential Revision: D9242968 Pulled By: hramos fbshipit-source-id: f2e1abc786ba333dbd8aaa8922e716fd99ec26e0
- Loading branch information
1 parent
8ee9002
commit e6b305b
Showing
1 changed file
with
21 additions
and
4 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
e6b305b
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Did some testing on remaining breakage with injected JS inside Android's webview. I see one, with Mark.js.
Inside html of WebView.source:
With
mark.min.js
being https://github.com/julmot/mark.js/blob/8.11.1/dist/mark.min.js.And then subsequently, in injected JS:
I'm on RN 0.57.0-rc.0, and 'No Mark.js' is still alerted from within Android's webview. Have always worked on iOS.
This is a great PR though, thanks @LinusU! It has fixed comment issues on Android webview. Should I write this in a new issue, or this isn't enough details for repro? I'm also using https://github.com/alinz/react-native-webview-bridge which extends RN's webview, if it makes any difference.