cordova-issues mailing list archives

From "ASF subversion and git services (JIRA)" <>
Subject [jira] [Commented] (CB-7291) Externally-launchable applications should be configurable
Date Tue, 26 Aug 2014 20:40:03 GMT


ASF subversion and git services commented on CB-7291:

Commit 94c096dd5b2a042534de72a53ee9bf166118eb83 in cordova-android's branch refs/heads/master
from [~cmarcelk]

CB-7291 propagate change in method signature to the native tests

> Externally-launchable applications should be configurable
> ---------------------------------------------------------
>                 Key: CB-7291
>                 URL:
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>    Affects Versions: 3.5.0
>            Reporter: Ian Clelland
>            Assignee: Ian Clelland
>            Priority: Blocker
>             Fix For: 3.6.0
> Cordova Android versions up to 3.5.0 would launch any and all external applications by URL. Any URL not explicitly whitelisted was sent to the Android intent system for handling. This was the cause of the security vulnerabilities reported by IBM and disclosed in CVE-2014-3502.
> Cordova Android 3.5.1 was released to fix this, which it did by disabling explicit intents, and explaining how to use a plugin to block other URL schemes if desired.
> We want to have a better official solution than this, so that developers can easily configure which applications (sms, email, maps, etc) should be launchable from their Cordova app.
> *Proposal*
> The proposed solution is to maintain a second whitelist within the app, for URL patterns which may be used to launch external applications. Then, on URL loading, these tests will occur (in order):
> # URLs which are whitelisted internally (existing list) will cause internal navigation
> # URLs which are whitelisted externally (new list) will attempt to launch an intent to handle it
> # URLs which are not whitelisted at all (in neither list) will be blocked.
> *Configuration*
> URLs can be added to the new (external) whitelist through an extension to the {{config.xml}} whitelist syntax:
> {code}
> <access origin="sms:*" launch-external="yes" />
> {code}
> (Any non-empty value for the {{launch-external}} attribute will be considered "true" when parsing the {{config.xml}} file)
> *Open questions* (one about forward-thinking security, the other about backwards-compatibility):
> # What should the default external whitelist be in the application template that we ship? This will be the case for new apps built with 3.6.0.
> # What should the default external whitelist be when there are no {{<access launch-external="yes">}} tags in {{config.xml}}? This will be the case for apps which are upgrading to 3.6.0.
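The two-list decision procedure and the launch-external parsing rule from the proposal above, as an added worked example (not code from Cordova or from this commit): it reads a constructed config.xml fragment into two pattern lists and applies the three tests in the stated order. The glob-to-regex matcher is a simplification assumed for this example, not Cordova's real whitelist matcher.

```python
import re
import xml.etree.ElementTree as ET
from enum import Enum


class Disposition(Enum):
    INTERNAL = "internal-navigation"   # test 1: existing (internal) whitelist
    EXTERNAL = "launch-intent"         # test 2: new launch-external whitelist
    BLOCKED = "blocked"                # test 3: in neither list


# Constructed config.xml fragment using the <access launch-external> syntax from the proposal.
CONFIG_XML = """<widget xmlns="http://www.w3.org/ns/widgets" id="io.example.app" version="1.0.0">
  <access origin="https://api.example.com/*" />
  <access origin="sms:*" launch-external="yes" />
  <access origin="mailto:*" launch-external="true" />
  <access origin="tel:*" launch-external="" />
</widget>
"""


def pattern_to_regex(origin):
    """Turn an <access origin> glob into an anchored regex where '*' matches anything.
    Simplified matcher assumed for this example; Cordova's own whitelist code differs."""
    return re.compile("^" + ".*".join(re.escape(part) for part in origin.split("*")) + "$")


def load_whitelists(xml_text):
    """Split <access> elements into (internal, external) pattern lists.
    As the proposal states, any non-empty launch-external value counts as true;
    an empty or absent attribute leaves the entry on the internal list."""
    ns = {"w": "http://www.w3.org/ns/widgets"}
    internal, external = [], []
    for access in ET.fromstring(xml_text).findall("w:access", ns):
        origin = access.get("origin")
        if access.get("launch-external", ""):
            external.append(pattern_to_regex(origin))
        else:
            internal.append(pattern_to_regex(origin))
    return internal, external


def classify_url(url, internal, external):
    """Apply the three tests in the order the proposal gives; the first match wins."""
    if any(p.match(url) for p in internal):
        return Disposition.INTERNAL
    if any(p.match(url) for p in external):
        return Disposition.EXTERNAL
    return Disposition.BLOCKED


if __name__ == "__main__":
    for url in ["https://api.example.com/v1/users", "sms:+15555550100", "tel:+15555550100", "geo:37.8,-122.4"]:
        print(url, "->", classify_url(url, *load_whitelists(CONFIG_XML)).value)
```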
