WebViewAssetLoader.InternalStoragePathHandler
public
static
final
class
WebViewAssetLoader.InternalStoragePathHandler
extends Object
implements
WebViewAssetLoader.PathHandler
| java.lang.Object | |
| ↳ | androidx.webkit.WebViewAssetLoader.InternalStoragePathHandler |
Handler class to open files from application internal storage. For more information about android storage please refer to Android Developers Docs: Data and file storage overview.
To avoid leaking user or app data to the web, make sure to choose directory
carefully, and assume any file under this directory could be accessed by any web page subject
to same-origin rules.
A typical usage would be like:
File publicDir = new File(context.getFilesDir(), "public");
// Host "files/public/" in app's data directory under:
// http://appassets.androidplatform.net/public/...
WebViewAssetLoader assetLoader = new WebViewAssetLoader.Builder()
.addPathHandler("/public/", new InternalStoragePathHandler(context, publicDir))
.build();
Summary
Public constructors | |
|---|---|
WebViewAssetLoader.InternalStoragePathHandler(Context context, File directory)
Creates PathHandler for app's internal storage. |
|
Public methods | |
|---|---|
WebResourceResponse
|
handle(String path)
Opens the requested file from the exposed data directory. |
Inherited methods | |
|---|---|
Public constructors
WebViewAssetLoader.InternalStoragePathHandler
public WebViewAssetLoader.InternalStoragePathHandler (Context context, File directory)
Creates PathHandler for app's internal storage.
The directory to be exposed must be inside either the application's internal data
directory Context.getDataDir() or cache directory Context.getCacheDir().
External storage is not supported for security reasons, as other apps with
Manifest.permission.WRITE_EXTERNAL_STORAGE may be able to modify the
files.
Exposing the entire data or cache directory is not permitted, to avoid accidentally
exposing sensitive application files to the web. Certain existing subdirectories of
Context.getDataDir() are also not permitted as they are often sensitive.
These files are ("app_webview/", "databases/", "lib/",
"shared_prefs/" and "code_cache/").
The application should typically use a dedicated subdirectory for the files it intends to expose and keep them separate from other files.
| Parameters | |
|---|---|
context |
Context: Context that is used to access app's internal storage. |
directory |
File: the absolute path of the exposed app internal storage directory from
which files can be loaded. |
| Throws | |
|---|---|
IllegalArgumentException |
if the directory is not allowed. |
Public methods
handle
public WebResourceResponse handle (String path)
Opens the requested file from the exposed data directory.
The matched prefix path used shouldn't be a prefix of a real web path. Thus, if the
requested file cannot be found or is outside the mounted directory a
WebResourceResponse object with a null InputStream will be
returned instead of null. This saves the time of falling back to network and
trying to resolve a path that doesn't exist. A WebResourceResponse with
null InputStream will be received as an HTTP response with status code
404 and no body.
The MIME type for the file will be determined from the file's extension using
URLConnection.guessContentTypeFromName(String). Developers should ensure that
files are named using standard file extensions. If the file does not have a
recognised extension, "text/plain" will be used by default.
| Parameters | |
|---|---|
path |
String: the suffix path to be handled. |
| Returns | |
|---|---|
WebResourceResponse |
WebResourceResponse for the requested file.
|