Skip to content

Commit

Permalink
fix: Only serve approved slugs through HttpServer
Browse files Browse the repository at this point in the history
Current HttpServer implementation set `source={html, baseUrl}` on the
iOS' WebView

By doing so, the WebView's history does not work anymore due to a bug
on `WKWebview` component

This makes some iOS apps work incorrectly

In previous commits we set a blockList to prevent some slugs to be
served through HttpServer on iOS

But we found that there are still a lot of unknown features that may
not work

So we prefer to reverse the logic an only approve slugs that have been
test and proved to be working

Related issue: react-native-webview/react-native-webview#2608
  • Loading branch information
Ldoppea committed Dec 7, 2022
1 parent 0a1d0f3 commit bffcf5d
Showing 1 changed file with 18 additions and 18 deletions.
36 changes: 18 additions & 18 deletions src/libs/httpserver/indexGenerator.js
Original file line number Diff line number Diff line change
Expand Up @@ -17,19 +17,17 @@ import { devConfig } from '/config/dev'

const log = Minilog('IndexGenerator')

// The slug's blocklist should be use to prevent
// the list slugs to be injected using HttpServer
// Instead those slugs will be served from cozy-stack
const slugBlocklist = [
// mespapiers cannot be injected until we fix window.history bug on iOS
{ platform: 'ios', slug: 'mespapiers' },

// settings cannot be injected until we modernize it by doing all queries through
// cozy-client and correctly handle `https` override with `isSecureProtocol` parameter
{ platform: 'ios', slug: 'settings' },

// drive cannot be injected until we fix window.history bug on iOS (bug in OnlyOffice)
{ platform: 'ios', slug: 'drive' }
// The slug's allowlist should be use to list apps
// that are proven to work correctly when injected using HttpServer
// If not present in this list, then slug will be served from cozy-stack
// Current known bugs are:
// - mespapiers cannot be injected until we fix window.history bug on iOS
// - settings cannot be injected until we modernize it by doing all queries through
// cozy-client and correctly handle `https` override with `isSecureProtocol` parameter
// - drive cannot be injected until we fix window.history bug on iOS (bug in OnlyOffice)
const slugAllowList = [
{ platform: 'ALL', slug: 'home' },
{ platform: 'android', slug: 'ALL' }
]

const initLocalBundleIfNotExist = async (fqdn, slug) => {
Expand Down Expand Up @@ -60,16 +58,18 @@ const initLocalBundleIfNotExist = async (fqdn, slug) => {
}
}

const isSlugInBlocklist = slug =>
slugBlocklist.some(
blocklistedSlug =>
blocklistedSlug.slug === slug && blocklistedSlug.platform === Platform.OS
const isSlugInAllowlist = currentSlug =>
slugAllowList.some(
({ slug, platform }) =>
(slug === 'ALL' && platform === Platform.OS) ||
(slug === currentSlug && platform === 'ALL') ||
(slug === currentSlug && platform === Platform.OS)
)

export const getIndexForFqdnAndSlug = async (fqdn, slug) => {
if (devConfig.disableGetIndex) return false // Make cozy-app hosted by webpack-dev-server work with HTTPServer

if (isSlugInBlocklist(slug)) return false
if (!isSlugInAllowlist(slug)) return false

await initLocalBundleIfNotExist(fqdn, slug)

Expand Down

0 comments on commit bffcf5d

Please sign in to comment.