-
Notifications
You must be signed in to change notification settings - Fork 24.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Properly escape JavaScript code on Android #20366
Conversation
9c06232
to
77a229a
Compare
Rebased on |
77a229a
to
feeab42
Compare
rebasing again to restart the test... |
feeab42
to
231be62
Compare
Summary: Pull Request resolved: #20178 Differential Revision: D8860733 Pulled By: TheSavior fbshipit-source-id: ec4aa3050755652106dec9ea245394314c862e97
231be62
to
826afaa
Compare
Seems like master fails CI for code style... |
826afaa
to
c00bc80
Compare
ping @mdvacca, seems like you have been touching this part of the code before, any chance of getting this merged? |
c00bc80
to
9c95db2
Compare
Rebased on master again but now the test is failing on something that seems related to iOS, and this PR only touches Android 🤔 |
Thanks for the PR! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
hramos is landing this pull request. If you are a Facebook employee, you can view this diff on Phabricator.
This pull request was closed by @LinusU in e6b305b. Once this commit is added to a release, you will see the corresponding version tag below the description at e6b305b. If the commit has a single |
Summary: These changes will fix executing javascript with any special characters, by making use of the `evaluateJavascript` function on Android 4.4+, and by properly escaping the URI on Android <4.4. Fixes #19611 • Fixes #20365 • Fixes #9749 • Closes #19655 • Closes #12321 This PR supersedes #19655 by patching the same problem in all the places, and fixing it for Android <4.4 as well. Pull Request resolved: #20366 Differential Revision: D9242968 Pulled By: hramos fbshipit-source-id: f2e1abc786ba333dbd8aaa8922e716fd99ec26e0
These changes will fix executing javascript with any special characters, by making use of the
evaluateJavascript
function on Android 4.4+, and by properly escaping the URI on Android <4.4.Fixes #19611 • Fixes #20365 • Fixes #9749 • Closes #19655 • Closes #12321
This PR supersedes #19655 by patching the same problem in all the places, and fixing it for Android <4.4 as well.
Test Plan:
The snack from #20365 should now work on Android as it does on iOS. That is, it should show "12" three times.
https://snack.expo.io/rkSxWhNVm
It can also be tested by instantiating a
WebView
withinjectedJavaScript
set todocument.write('1')\ndocument.write('2')
and observe that "12" is written in the WebView.Release Notes:
[ANDROID] [BUGFIX] [WebView] - Properly escape JavaScript code