Comments (6)
I used Cordova version 10.0 to create an offline web game, which provides the WebViewAssetLoader class to access local web pages using HTTPS URLs.
But for the convenience of users to replace files, I want this webpage to display files stored in the external directory of the phone. The directory address is equivalent to 'cordova.file.externalApplicationStorageDirectory', so I made some modifications to the source code of CordovaLib.
This is something I don't think is tested but does service workers work as expected while using internal storage (e.g. if you place your service worker in your www
folder)?
I wouldn't expect external storage to work and there are security implications in launching scripts from external storage. Your scripts should be part of your android bundle.
While within the Android OS, android's permission model can restrict applications from accessing or modifying app-specific files on external storage, but the external storage could be on a removable medium and if that storage medium is inserted into another device, say a PC, the file contents of app-specific external files could be manipulated. Therefore applications should treat scripts on external storage as untrusted and unsafe code.
from cordova-android.
I used Cordova version 10.0 to create an offline web game, which provides the WebViewAssetLoader class to access local web pages using HTTPS URLs.
But for the convenience of users to replace files, I want this webpage to display files stored in the external directory of the phone. The directory address is equivalent to 'cordova.file.externalApplicationStorageDirectory', so I made some modifications to the source code of CordovaLib.This is something I don't think is tested but does service workers work as expected while using internal storage (e.g. if you place your service worker in your
www
folder)?I wouldn't expect external storage to work and there are security implications in launching scripts from external storage. Your scripts should be part of your android bundle.
While within the Android OS, android's permission model can restrict applications from accessing or modifying app-specific files on external storage, but the external storage could be on a removable medium and if that storage medium is inserted into another device, say a PC, the file contents of app-specific external files could be manipulated. Therefore applications should treat scripts on external storage as untrusted and unsafe code.
Just now, I placed 'service worker. js' in the' asset/www 'directory and called the same interface, but still prompted registration failure.
I know that storing startup scripts from external sources does pose security risks, but the web framework used in the game has been in place for a long time and is difficult to modify. The purpose of opening extension interfaces in the game was to allow players to easily modify source code files to achieve the desired effect, and players also have a clear understanding of what modifying source files represents.
from cordova-android.
Ok thank you, that confirms that it still doesn't work "out of the box".
Glanceful reading, I'm guessing it's because the native needs to handle service worker registration using ServiceWorkerClient[ServiceWorkerController], (https://developer.android.com/reference/android/webkit/ServiceWorkerController), and ServiceWorkerWebSettings.
Cordova doesn't currently do this. The good news is the above classes were added in API 24, which fits within our minimum API level, so if a PR can be crafted and tested then we could potentially roll it into our 13.x release.
However, to re-iterate the service worker registration should probably be in the origin and context of webview asset loader (e.g. https://localhost
/ internal storage). In fact, MDN states that service workers must be ran in a secure context, thus it needs to go through the webview asset loader and the asset loader must be configured to use the https protocol. Even if the security implications are ignored, there might be technical limitations in registrating the service worker from external storage.
from cordova-android.
Ok thank you, that confirms that it still doesn't work "out of the box".
Glanceful reading, I'm guessing it's because the native needs to handle service worker registration using ServiceWorkerClient[ServiceWorkerController], (https://developer.android.com/reference/android/webkit/ServiceWorkerController), and ServiceWorkerWebSettings.
Cordova doesn't currently do this. The good news is the above classes were added in API 24, which fits within our minimum API level, so if a PR can be crafted and tested then we could potentially roll it into our 13.x release.
However, to re-iterate the service worker registration should probably be in the origin and context of webview asset loader (e.g.
https://localhost
/ internal storage). In fact, MDN states that service workers must be ran in a secure context, thus it needs to go through the webview asset loader and the asset loader must be configured to use the https protocol. Even if the security implications are ignored, there might be technical limitations in registrating the service worker from external storage.
Thank you for your help. Before that, I had not heard of the ServiceWorkerClient class. I'm going to test if it's usable now. In addition, my game project also needs to be compatible with old platform phones. Previously, I used Cordova 8 and Crosswalk. I plan to extract the code from Cordova 10 about WebviewAssetLoader settings and test it again
from cordova-android.
Ok thank you, that confirms that it still doesn't work "out of the box".
Glanceful reading, I'm guessing it's because the native needs to handle service worker registration using ServiceWorkerClient[ServiceWorkerController], (https://developer.android.com/reference/android/webkit/ServiceWorkerController), and ServiceWorkerWebSettings.
Cordova doesn't currently do this. The good news is the above classes were added in API 24, which fits within our minimum API level, so if a PR can be crafted and tested then we could potentially roll it into our 13.x release.
However, to re-iterate the service worker registration should probably be in the origin and context of webview asset loader (e.g.
https://localhost
/ internal storage). In fact, MDN states that service workers must be ran in a secure context, thus it needs to go through the webview asset loader and the asset loader must be configured to use the https protocol. Even if the security implications are ignored, there might be technical limitations in registrating the service worker from external storage.
I used 'ServiceWorkerController' in the construction method of the 'SystemWebViewClient. java' file, and then 'ServiceWorker' was successfully registered. Thank you again for your help.
this.assetLoader = assetLoaderBuilder.build();
ServiceWorkerController swController = ServiceWorkerController.getInstance();
swController.setServiceWorkerClient(new ServiceWorkerClient() {
// I don't know how to reuse this variable, so I wrote it twice
private final WebViewAssetLoader assetLoader = assetLoaderBuilder.build();
@Override
public WebResourceResponse shouldInterceptRequest(WebResourceRequest request) {
// Capture request here and generate response or allow pass-through
return assetLoader.shouldInterceptRequest(request.getUrl());
}
});
ServiceWorkerWebSettings serviceWorkerWebSettings = swController.getServiceWorkerWebSettings();
serviceWorkerWebSettings.setAllowContentAccess(true);
serviceWorkerWebSettings.setAllowFileAccess(true);
from cordova-android.
Related Issues (20)
- Could not resolve com.android.tools.build:gradle:7.4.2 after update to cordova-android@12 HOT 2
- No matching variant of com.android.tools.build:gradle:7.4.2 was found HOT 1
- Mixed translations for native date picker on Android HOT 5
- Missing privateHelpers.extractStringFromManifest method. HOT 1
- Android 14 support ? HOT 1
- Incoming Call FullScreen Intent On A Cordova Activity HOT 1
- `ErrorURL` preference is not working HOT 2
- cordova-android build tools not found issue HOT 1
- Will Cordova Android 13 support Kotlin 1.9.x ? HOT 2
- Target date for support to API34 HOT 2
- DevTools cannot display source map properly HOT 2
- cordova-android12.0.1 onRequestPermissionsResult never used HOT 1
- Cordova app on Android crashes after choosing file with native HTML file input, only on Android 13 HOT 3
- Update docs in regards to using adaptive icons with background colors HOT 3
- Splash screen icon not show at first launch HOT 1
- Execution failed for task ':app:mergeReleaseResources'. HOT 2
- Panoramic images HOT 1
- backgroundMode plugin quirks HOT 2
- Cordova undefined when AndroidInsecureFileModeEnabled set to false HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cordova-android.