bebo/webview-local-server

Download

Step 1. Add the JitPack repository to your build file

Add it in your root settings.gradle at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url 'https://jitpack.io' }
		}
	}

Add it in your settings.gradle.kts at the end of repositories:

	dependencyResolutionManagement {
		repositoriesMode.set(RepositoriesMode.FAIL_ON_PROJECT_REPOS)
		repositories {
			mavenCentral()
			maven { url = uri("https://jitpack.io") }
		}
	}

Add to pom.xml

	<repositories>
		<repository>
		    <id>jitpack.io</id>
		    <url>https://jitpack.io</url>
		</repository>
	</repositories>

Add it in your build.sbt at the end of resolvers:

 
    resolvers += "jitpack" at "https://jitpack.io"

Add it in your project.clj at the end of repositories:

 
    :repositories [["jitpack" "https://jitpack.io"]]

Step 2. Add the dependency

	dependencies {
		implementation 'com.github.bebo:webview-local-server:'
	}
	dependencies {
		implementation("com.github.bebo:webview-local-server:")
	}
	<dependency>
	    <groupId>com.github.bebo</groupId>
	    <artifactId>webview-local-server</artifactId>
	    <version></version>
	</dependency>

                            
    libraryDependencies += "com.github.bebo" % "webview-local-server" % ""
        
        

                            
    :dependencies [[com.github.bebo/webview-local-server ""]]

Readme

WebView-Local-Server

Overview

The purpose of this library is to enable hosting local content (such as assets or resources) under an http(s):// URL.
The traditional way to access local resources is to use file:///android_asset or file://android_res/ URLs but using the file: scheme poses problems with the Same-Origin policy and makes it problematic to reference local content from content loaded over a secure (https:) connection.

Usage

Using the WebView-Local-Server requires the following steps:

  1. Create a WebViewLocalServer instance.

     WebViewLocalServer assetServer = new WebViewLocalServer(context);

  2. Tell the server where to host the resources.

     // The server uses a random prefix to make it harder for unauthorized content to guess.
 WebViewLocalServer.AssetHostingDetails details =
             assetServer.hostAssets("/www");
 // Assuming you want to know the http address of assets/www/index.hml:
 String indexUrl =
     details.getHttpPrefix().buildUpon().appendPath("index.html").toString();

  3. Hook up the server in the shouldInterceptRequest method.

     class MyWebViewClient extends WebViewClient {
     // For KitKat and earlier.
     @Override
     public WebResourceResponse shouldInterceptRequest(WebView view, String url) {
         return assetServer.shouldInterceptRequest(url);
     }
     // For Lollipop and above.
     @Override
     public WebResourceResponse shouldInterceptRequest(WebView view, WebResourceRequest request) {
         return assetServer.shouldInterceptRequest(request);
     }
 }

  4. Consider using the following settings in order to maximize security:

     webView.getSettings().setAllowFileAccessFromFileURLs(false);
 webView.getSettings().setAllowUniversalAccessFromFileURLs(false);

 // Keeping these off is less critical but still a good idea, especially
 // if your app is not using file:// or content:// URLs.
 webView.getSettings().setAllowFileAccess(false);
 webView.getSettings().setAllowContentAccess(false);

Picking a domain.

One potential problem of hosting local resources on a http(s):// URL is that doing so may conflict with a real website. This means that local resources should only be hosted on domains that the user has control of or which have been dedicated for this purpose.
The androidplatform.net domain has been specifically reserved for this purpose and you are free to use it.

By default the WebViewLocalServer will attempt to host assets/resources on a random subdomain of androidplatform.net (something like 123e4567-e89b-12d3-a456-426655440000.androidplatform.net). This random subdomain is chosen once per WebViewLocalServer.
To find out which prefix has been assigned to your resources you need to look at the AssetHostingDetails instance returned by the call to hostAssets or hostResources.

Should using a random subdomain be inconvenient for some reason it is possible to use a fixed domain (like androidplatform.net or a domain you own).

Disclaimer

This is not an official Google product (experimental or otherwise), it is just code that happens to be owned by Google.