Latest Threat Research:SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains.Details
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@metamask/react-native-webview

Package Overview
Dependencies
Maintainers
9
Versions
13
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@metamask/react-native-webview - npm Package Compare versions

Comparing version
14.2.1
 to
14.2.2
+83
android/src/main/j...ebview/extension/file/IFrameDetector.kt
package com.reactnativecommunity.webview.extension.file
/**
* JavaScript code to detect all iFrames in the page and report their URLs
* This script runs after page load and also monitors for dynamically added iFrames
*/
fun getIFrameDetectorScript(): String = """
(function() {
if (window.iframeDetectorInjected) return;
window.iframeDetectorInjected = true;
function collectIFrameUrls() {
const iframes = document.getElementsByTagName('iframe');
const urls = [];
for (let i = 0; i < iframes.length; i++) {
const iframe = iframes[i];
const src = iframe.src;
if (src && src.trim() !== '' && (src.startsWith('http://') || src.startsWith('https://') || src.startsWith('//'))) {
const normalizedUrl = src.startsWith('//') ? 'https:' + src : src;
urls.push(normalizedUrl);
}
}
return urls;
}
function reportIFrames() {
try {
const urls = collectIFrameUrls();
if (urls.length > 0) {
const message = {
type: 'IFRAME_DETECTED',
iframeUrls: urls
};
if (window.ReactNativeWebView && window.ReactNativeWebView.postMessage) {
window.ReactNativeWebView.postMessage(JSON.stringify(message));
}
}
} catch (e) {
console.error('Error reporting iFrames:', e);
}
}
// Initial check for iFrames
if (document.readyState === 'loading') {
document.addEventListener('DOMContentLoaded', reportIFrames);
} else {
// Document already loaded
setTimeout(reportIFrames, 100);
}
// Monitor for dynamically added iFrames
const observer = new MutationObserver(function(mutations) {
let shouldCheck = false;
mutations.forEach(function(mutation) {
if (mutation.type === 'childList') {
mutation.addedNodes.forEach(function(node) {
if (node.nodeType === Node.ELEMENT_NODE) {
if (node.tagName === 'IFRAME' || node.querySelector('iframe')) {
shouldCheck = true;
}
}
});
}
});
if (shouldCheck) {
setTimeout(reportIFrames, 100);
}
});
observer.observe(document.body || document.documentElement, {
childList: true,
subtree: true
});
// Also check periodically as a fallback
setInterval(reportIFrames, 5000);
})();
""".trimIndent() 
+5
-0
android/src/main/j...nativecommunity/webview/RNCWebView.java

@@ -50,2 +50,3 @@ package com.reactnativecommunity.webview;

import com.reactnativecommunity.webview.extension.file.BlobFileDownloader;
import com.reactnativecommunity.webview.extension.file.IFrameDetectorKt;

@@ -347,2 +348,6 @@ import org.json.JSONException;

public void injectIFrameDetectorScript() {
evaluateJavascriptWithFallback(IFrameDetectorKt.getIFrameDetectorScript());
}
public void callInjectedJavaScriptBeforeContentLoaded() {

@@ -349,0 +354,0 @@ if (getSettings().getJavaScriptEnabled() &&

+2
-0
android/src/main/j...community/webview/RNCWebViewClient.java

@@ -79,2 +79,4 @@ package com.reactnativecommunity.webview;

reactWebView.injectIFrameDetectorScript();
emitFinishEvent(webView, url);

@@ -81,0 +83,0 @@ }

+1
-1
package.json

@@ -13,3 +13,3 @@ {

"license": "MIT",
"version": "14.2.1",
"version": "14.2.2",
"homepage": "https://github.com/MetaMask/react-native-webview-mm#readme",

@@ -16,0 +16,0 @@ "scripts": {

apple/RNCWebViewImpl.m

Sorry, the diff of this file is too big to display