Skip to content

Commit 5e0e869

Browse files
gvanmatgvanmat
authored
Update CDVWKWebViewFileXhr.m
SPOC SECURITY REVIEW - WKWEBVIEW PLUGIN - EVALUATE VULNERABILITIES IN OBJECTIVEC CODE
1 parent 3513dd3 commit 5e0e869

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

Diff for: src/ios/CDVWKWebViewFileXhr.m

+4-4
Original file line numberDiff line numberDiff line change
@@ -107,7 +107,7 @@ -(void) pluginInitialize {
107107

108108
NSURLSessionConfiguration *sessionConfiguration = [NSURLSessionConfiguration defaultSessionConfiguration];
109109
[sessionConfiguration setRequestCachePolicy:NSURLRequestReloadIgnoringCacheData];
110-
self.urlSession = [NSURLSession sessionWithConfiguration:sessionConfiguration delegate:self delegateQueue:nil];
110+
self.urlSession = [NSURLSession sessionWithConfiguration:sessionConfiguration delegate:self delegateQueue:nil]; // FortityFalsePositive
111111
[wkWebView.configuration.userContentController addScriptMessageHandler:self name:@"nativeXHR"];
112112

113113
}
@@ -265,7 +265,7 @@ - (void)URLSession:(NSURLSession *)session didReceiveChallenge:(NSURLAuthenticat
265265
CFDataRef exceptions = SecTrustCopyExceptions (serverTrust);
266266
SecTrustSetExceptions (serverTrust, exceptions);
267267
CFRelease (exceptions);
268-
completionHandler (NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:serverTrust]);
268+
completionHandler (NSURLSessionAuthChallengeUseCredential, [NSURLCredential credentialForTrust:serverTrust]); // FortityFalsePositive
269269

270270
return;
271271
}
@@ -311,7 +311,7 @@ - (void) performNativeXHR:(NSDictionary<NSString *, id> *) body inWebView:(WKWeb
311311
NSData* json = [NSJSONSerialization dataWithJSONObject:result options:0 error:&jsonError];
312312

313313
if (jsonError != nil) {
314-
NSLog(@"NativeXHR: Failed to encode response to json: %@", jsonError.localizedDescription);
314+
NSLog(@"NativeXHR: Failed to encode response to json: %@", jsonError.localizedDescription); // FortityFalsePositive
315315

316316
NSString *script = [NSString stringWithFormat:@"try { %@('%@', {'error' : 'json serialization failed'}) } catch (e) { }", callbackFunction, requestId];
317317
[weakWebView evaluateJavaScript:script completionHandler:nil];
@@ -365,7 +365,7 @@ - (void) performNativeXHR:(NSDictionary<NSString *, id> *) body inWebView:(WKWeb
365365
request.HTTPBody = [[NSData alloc] initWithBase64EncodedString:body64 options:0];
366366
}
367367

368-
NSURLSessionDataTask *task = [self.urlSession dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) {
368+
NSURLSessionDataTask *task = [self.urlSession dataTaskWithRequest:request completionHandler:^(NSData * _Nullable data, NSURLResponse * _Nullable response, NSError * _Nullable error) { // FortityFalsePositive
369369

370370
NSMutableDictionary* result = [NSMutableDictionary dictionary];
371371

0 commit comments

Comments
 (0)