Potential call to dangerous WebView settings API

Description

List of all WebView methods used in the application.

Recommendation

If your application accesses sensitive data with a WebView, you may want to use the clearCache() method to delete any files stored locally.

Any URI received via an intent from outside a trust boundary should be validated before it is rendered in a WebView.

Technical details

Method com.vip.chaincasino.MainActivity.initView() calling method android.webkit.WebSettings.setJavaScriptEnabled()


    /**
     * Shows the loading view, configures the main WebView and loads {@code oldGameUrl}.
     *
     * Decompiler output: boolean arguments appear as the integer 1 (true) and the
     * findViewById arguments are compiled resource ids.
     *
     * Security review: this is the call site flagged for setJavaScriptEnabled(). Script
     * execution is switched on for every page this WebView renders, and the same method
     * also registers a Java bridge object, so the trustworthiness of the loaded URL decides
     * how much of the app is reachable from page script. Where oldGameUrl is assigned is
     * not visible in this listing.
     */
    private void initView()
    {
        this.loadingView = this.findViewById(2131165244);
        // 0 is View.VISIBLE.
        this.loadingView.setVisibility(0);
        this.mWebView = ((android.webkit.WebView) this.findViewById(2131165330));
        // Flagged call: enables JavaScript for all content loaded into this WebView.
        this.mWebView.getSettings().setJavaScriptEnabled(1);
        this.mWebView.getSettings().setDomStorageEnabled(1);
        // Lets page script open windows without a user gesture.
        this.mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(1);
        this.mWebView.getSettings().setAppCacheEnabled(1);
        // MainActivity$1 is an anonymous class whose body is not shown here; any URL
        // filtering would have to live there. NOTE(review): confirm.
        this.mWebView.setWebViewClient(new com.vip.chaincasino.MainActivity$1(this));
        // Exposes a Java object to page script as "ChainCasino".
        this.mWebView.addJavascriptInterface(new com.vip.chaincasino.MainActivity$JavaScriptChannel(this, 0), "ChainCasino");
        this.mWebView.loadUrl(this.oldGameUrl);
        return;
    }

Method com.vip.chaincasino.MainActivity.openUrlInBrowser() calling method android.net.Uri.parse()


    /**
     * Hands the given string to the system as an implicit ACTION_VIEW intent.
     *
     * Security review: the string is parsed and dispatched as-is; no scheme or host check
     * is visible in this method, so any installed handler for the resulting URI may be
     * started. If the caller (not shown in this listing) can receive p3 from web content or
     * from the JavaScript bridge, restrict it to the expected schemes (for example
     * http/https) before calling startActivity().
     *
     * @param p3 URI string to open; its origin is not visible here
     */
    private void openUrlInBrowser(String p3)
    {
        android.net.Uri v3_1 = android.net.Uri.parse(p3);
        android.content.Intent v0_1 = new android.content.Intent();
        // Implicit intent: no package or component is set, so the system picks the handler.
        v0_1.setAction("android.intent.action.VIEW");
        v0_1.setData(v3_1);
        this.startActivity(v0_1);
        return;
    }

Method android.support.v7.widget.SuggestionsAdapter.getDrawableFromResourceValue() calling method android.net.Uri.parse()

Couldn't retrieve source code

Method android.support.v4.widget.SimpleCursorAdapter.setViewImage() calling method android.net.Uri.parse()


    /**
     * Sets the image of an ImageView from a string that is either a numeric resource id
     * or a URI.
     *
     * Support-library code (android.support.v4), listed only because it calls Uri.parse().
     * The nameless catch parameter is a decompiler artifact.
     *
     * @param p2 target ImageView
     * @param p3 resource id in decimal form, or otherwise a URI string
     */
    public void setViewImage(android.widget.ImageView p2, String p3)
    {
        try {
            p2.setImageResource(Integer.parseInt(p3));
        } catch (NumberFormatException) {
            // Not an integer: fall back to treating the value as an image URI.
            p2.setImageURI(android.net.Uri.parse(p3));
        }
        return;
    }

Method android.support.v4.graphics.drawable.IconCompat.getUri() calling method android.net.Uri.parse()


    /**
     * Returns the URI held by this icon.
     *
     * Support-library code (android.support.v4), listed only because it calls Uri.parse().
     * When mType is -1 and the device runs API level 23 or later, mObj1 is cast to a
     * platform Icon and the static getUri(Icon) overload is used; in every other case
     * mObj1 is cast to a String and parsed.
     *
     * @return the parsed or delegated URI
     */
    public android.net.Uri getUri()
    {
        if ((this.mType != -1) || (android.os.Build$VERSION.SDK_INT < 23)) {
            return android.net.Uri.parse(((String) this.mObj1));
        } else {
            return android.support.v4.graphics.drawable.IconCompat.getUri(((android.graphics.drawable.Icon) this.mObj1));
        }
    }

Method android.support.v4.graphics.drawable.IconCompat.loadDrawableInner() calling method android.net.Uri.parse()


    /**
     * Builds a Drawable for this icon according to mType.
     *
     * Support-library code (android.support.v4), listed only because case 4 calls
     * Uri.parse(). The declared types of the locals (for example a Bitmap variable that
     * receives a package name, or a BitmapDrawable variable that receives a scheme string)
     * and the exception types in the catch clauses are decompiler artifacts and do not
     * reflect the real types.
     *
     * @param p7 context used for resources, theme and the content resolver
     * @return the drawable, or null (shown as 0) when nothing could be loaded
     */
    private android.graphics.drawable.Drawable loadDrawableInner(android.content.Context p7)
    {
        switch (this.mType) {
            case 1:
                // mObj1 holds a Bitmap.
                return new android.graphics.drawable.BitmapDrawable(p7.getResources(), ((android.graphics.Bitmap) this.mObj1));
            case 2:
                // Resource icon: resolve the owning package, defaulting to this app's package.
                android.graphics.Bitmap v0_14 = this.getResPackage();
                if (android.text.TextUtils.isEmpty(v0_14)) {
                    v0_14 = p7.getPackageName();
                }
                try {
                    return android.support.v4.content.res.ResourcesCompat.getDrawable(android.support.v4.graphics.drawable.IconCompat.getResources(p7, v0_14), this.mInt1, p7.getTheme());
                } catch (android.content.res.Resources v7_7) {
                    StringBuilder v4_7 = new Object[2];
                    v4_7[0] = Integer.valueOf(this.mInt1);
                    v4_7[1] = this.mObj1;
                    android.util.Log.e("IconCompat", String.format("Unable to load resource 0x%08x from pkg=%s", v4_7), v7_7);
                }
                // NOTE(review): no break is shown after the catch; as printed, control would
                // continue into case 3. Possibly a decompiler artifact - confirm against bytecode.
            case 3:
                // mObj1 holds encoded image bytes; mInt1/mInt2 are passed as offset and length.
                return new android.graphics.drawable.BitmapDrawable(p7.getResources(), android.graphics.BitmapFactory.decodeByteArray(((byte[]) this.mObj1), this.mInt1, this.mInt2));
            case 4:
                // mObj1 holds a string that is parsed as a URI (the flagged Uri.parse() call).
                android.graphics.Bitmap v0_7;
                android.graphics.Bitmap v0_6 = android.net.Uri.parse(((String) this.mObj1));
                android.graphics.drawable.BitmapDrawable v1_6 = v0_6.getScheme();
                if ((!"content".equals(v1_6)) && (!"file".equals(v1_6))) {
                    // Any other scheme (or none): the raw string is opened as a filesystem path.
                    try {
                        v0_7 = new java.io.FileInputStream(new java.io.File(((String) this.mObj1)));
                    } catch (android.graphics.drawable.BitmapDrawable v1_10) {
                        StringBuilder v4_3 = new StringBuilder();
                        v4_3.append("Unable to load image from path: ");
                        v4_3.append(v0_7);
                        android.util.Log.w("IconCompat", v4_3.toString(), v1_10);
                        v0_7 = 0;
                    }
                } else {
                    // content:// and file:// URIs are opened through the ContentResolver.
                    try {
                        v0_7 = p7.getContentResolver().openInputStream(v0_6);
                    } catch (android.graphics.drawable.BitmapDrawable v1_12) {
                        StringBuilder v4_5 = new StringBuilder();
                        v4_5.append("Unable to load image from URI: ");
                        v4_5.append(v0_7);
                        android.util.Log.w("IconCompat", v4_5.toString(), v1_12);
                    }
                }
                if (v0_7 == null) {
                } else {
                    return new android.graphics.drawable.BitmapDrawable(p7.getResources(), android.graphics.BitmapFactory.decodeStream(v0_7));
                }
            case 5:
                // mObj1 holds a Bitmap that is converted by createLegacyIconFromAdaptiveIcon().
                return new android.graphics.drawable.BitmapDrawable(p7.getResources(), android.support.v4.graphics.drawable.IconCompat.createLegacyIconFromAdaptiveIcon(((android.graphics.Bitmap) this.mObj1), 0));
            default:
        }
        return 0;
    }

Method android.support.v7.widget.SearchView.createIntentFromSuggestion() calling method android.net.Uri.parse()


    /**
     * Builds the launch intent for the search suggestion at the cursor's current row.
     *
     * Support-library code (android.support.v7), listed only because it calls Uri.parse().
     * The declared types of the locals are decompiler artifacts; the values read through
     * getColumnString() are used as strings.
     *
     * The intent action and data come from the suggestion cursor columns, with the
     * searchable configuration as fallback, so the resulting intent is only as trustworthy
     * as the provider that fills the cursor.
     *
     * @param p9  suggestion cursor
     * @param p10 passed through unchanged to createIntent()
     * @param p11 passed through unchanged to createIntent()
     * @return the intent, or null (shown as 0) if reading the action column throws
     */
    private android.content.Intent createIntentFromSuggestion(android.database.Cursor p9, int p10, String p11)
    {
        try {
            android.support.v7.widget.SearchView v1_6 = android.support.v7.widget.SuggestionsAdapter.getColumnString(p9, "suggest_intent_action");
        } catch (RuntimeException v10_1) {
            // Best effort: report the row position in the log, or -1 if even that fails.
            try {
                android.content.Intent v9_1 = p9.getPosition();
            } catch (RuntimeException) {
                v9_1 = -1;
            }
            android.support.v7.widget.SearchView v1_10 = new StringBuilder();
            v1_10.append("Search suggestions cursor at row ");
            v1_10.append(v9_1);
            v1_10.append(" returned exception.");
            android.util.Log.w("SearchView", v1_10.toString(), v10_1);
            return 0;
        }
        // Action: cursor column, then searchable default, then ACTION_SEARCH.
        if (v1_6 == null) {
            v1_6 = this.mSearchable.getSuggestIntentAction();
        }
        String v2_0;
        if (v1_6 != null) {
            v2_0 = v1_6;
        } else {
            v2_0 = "android.intent.action.SEARCH";
        }
        // Data: cursor column, then searchable default.
        android.support.v7.widget.SearchView v1_3 = android.support.v7.widget.SuggestionsAdapter.getColumnString(p9, "suggest_intent_data");
        if (v1_3 == null) {
            v1_3 = this.mSearchable.getSuggestIntentData();
        }
        if (v1_3 != null) {
            android.net.Uri v3_1 = android.support.v7.widget.SuggestionsAdapter.getColumnString(p9, "suggest_intent_data_id");
            if (v3_1 != null) {
                // The id is appended as one path segment; Uri.encode() escapes it first.
                String v4_1 = new StringBuilder();
                v4_1.append(v1_3);
                v4_1.append("/");
                v4_1.append(android.net.Uri.encode(v3_1));
                v1_3 = v4_1.toString();
            }
        }
        android.net.Uri v3_2;
        if (v1_3 != null) {
            v3_2 = android.net.Uri.parse(v1_3);
        } else {
            v3_2 = 0;
        }
        return this.createIntent(v2_0, v3_2, android.support.v7.widget.SuggestionsAdapter.getColumnString(p9, "suggest_intent_extra_data"), android.support.v7.widget.SuggestionsAdapter.getColumnString(p9, "suggest_intent_query"), p10, p11);
    }

Method android.support.v4.app.ActivityCompat.getReferrer() calling method android.net.Uri.parse()


    /**
     * Returns the referrer of the activity's launching intent.
     *
     * Support-library code (android.support.v4), listed only because it calls Uri.parse().
     * On API level 22 and later it delegates to Activity.getReferrer(); on older releases
     * it reads the referrer extras from the intent directly. The declared types of the
     * locals are decompiler artifacts.
     *
     * Security review: on the pre-22 path the value is taken from intent extras, which the
     * sending app controls, so it must not be used as an authorization signal.
     *
     * @param p2 activity whose launching intent is inspected
     * @return the referrer URI, or null (shown as 0) when neither extra is present
     */
    public static android.net.Uri getReferrer(android.app.Activity p2)
    {
        if (android.os.Build$VERSION.SDK_INT < 22) {
            int v2_5 = p2.getIntent();
            // Prefer the parcelable Uri extra; fall back to the string-valued extra.
            String v0_4 = ((android.net.Uri) v2_5.getParcelableExtra("android.intent.extra.REFERRER"));
            if (v0_4 == null) {
                int v2_1 = v2_5.getStringExtra("android.intent.extra.REFERRER_NAME");
                if (v2_1 == 0) {
                    return 0;
                } else {
                    return android.net.Uri.parse(v2_1);
                }
            } else {
                return v0_4;
            }
        } else {
            return p2.getReferrer();
        }
    }

Method android.support.v4.app.RemoteInput.getDataResultsFromIntent() calling method android.net.Uri.parse()


    /**
     * Collects the data results stored for one remote-input key in an intent.
     *
     * Support-library code (android.support.v4), listed only because it calls Uri.parse().
     * On API level 26 and later it delegates to the platform RemoteInput; below API level
     * 16 it logs a warning and returns null; in between it walks the extras of the intent
     * returned by getClipDataIntentFromIntent(). The declared types of the locals are
     * decompiler artifacts.
     *
     * @param p6 intent carrying the results
     * @param p7 key looked up inside each per-type bundle
     * @return a map from the key suffix to the parsed URI, or null (shown as 0) when
     *         nothing was found
     */
    public static java.util.Map getDataResultsFromIntent(android.content.Intent p6, String p7)
    {
        if (android.os.Build$VERSION.SDK_INT < 26) {
            if (android.os.Build$VERSION.SDK_INT < 16) {
                android.util.Log.w("RemoteInput", "RemoteInput is only supported from API Level 16");
                return 0;
            } else {
                boolean v6_1 = android.support.v4.app.RemoteInput.getClipDataIntentFromIntent(p6);
                if (v6_1) {
                    int v0_2 = new java.util.HashMap();
                    java.util.Iterator v1_3 = v6_1.getExtras().keySet().iterator();
                    while (v1_3.hasNext()) {
                        android.net.Uri v3_2 = ((String) v1_3.next());
                        if (v3_2.startsWith("android.remoteinput.dataTypeResultsData")) {
                            // 39 is the length of the prefix above; the remainder becomes the map key.
                            String v4_3 = v3_2.substring(39);
                            if (!v4_3.isEmpty()) {
                                android.net.Uri v3_4 = v6_1.getBundleExtra(v3_2).getString(p7);
                                if ((v3_4 != null) && (!v3_4.isEmpty())) {
                                    v0_2.put(v4_3, android.net.Uri.parse(v3_4));
                                }
                            }
                        }
                    }
                    // An empty result is reported as null rather than as an empty map.
                    if (v0_2.isEmpty()) {
                        v0_2 = 0;
                    }
                    return v0_2;
                } else {
                    return 0;
                }
            }
        } else {
            return android.app.RemoteInput.getDataResultsFromIntent(p6, p7);
        }
    }

Method com.vip.chaincasino.MainActivity.initView() calling method android.webkit.WebView.setWebViewClient()


    /**
     * Shows the loading view, configures the main WebView and loads {@code oldGameUrl}.
     *
     * Decompiler output: boolean arguments appear as the integer 1 (true) and the
     * findViewById arguments are compiled resource ids.
     *
     * Security review: this is the call site flagged for setWebViewClient(). The client is
     * the anonymous class MainActivity$1, whose body is not part of this listing. With
     * JavaScript and a Java bridge enabled on the same WebView, that class is where
     * navigation would need to be limited to expected origins and where TLS errors must
     * not be overridden - review it separately.
     */
    private void initView()
    {
        this.loadingView = this.findViewById(2131165244);
        // 0 is View.VISIBLE.
        this.loadingView.setVisibility(0);
        this.mWebView = ((android.webkit.WebView) this.findViewById(2131165330));
        this.mWebView.getSettings().setJavaScriptEnabled(1);
        this.mWebView.getSettings().setDomStorageEnabled(1);
        this.mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(1);
        this.mWebView.getSettings().setAppCacheEnabled(1);
        // Flagged call: installs the app's own WebViewClient (implementation not shown).
        this.mWebView.setWebViewClient(new com.vip.chaincasino.MainActivity$1(this));
        this.mWebView.addJavascriptInterface(new com.vip.chaincasino.MainActivity$JavaScriptChannel(this, 0), "ChainCasino");
        this.mWebView.loadUrl(this.oldGameUrl);
        return;
    }

Method com.vip.chaincasino.MainActivity.initView() calling method android.webkit.WebView.addJavascriptInterface()


    /**
     * Shows the loading view, configures the main WebView and loads {@code oldGameUrl}.
     *
     * Decompiler output: boolean arguments appear as the integer 1 (true) and the
     * findViewById arguments are compiled resource ids.
     *
     * Security review: this is the call site flagged for addJavascriptInterface(). A
     * MainActivity$JavaScriptChannel instance is exposed to page script under the global
     * name "ChainCasino". Every frame rendered in this WebView can call the exposed
     * methods (on API level 17 and later, those annotated with @JavascriptInterface), so
     * the bridge's methods and the set of origins that can be loaded need to be reviewed
     * together. The bridge class itself is not part of this listing.
     */
    private void initView()
    {
        this.loadingView = this.findViewById(2131165244);
        // 0 is View.VISIBLE.
        this.loadingView.setVisibility(0);
        this.mWebView = ((android.webkit.WebView) this.findViewById(2131165330));
        this.mWebView.getSettings().setJavaScriptEnabled(1);
        this.mWebView.getSettings().setDomStorageEnabled(1);
        this.mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(1);
        this.mWebView.getSettings().setAppCacheEnabled(1);
        this.mWebView.setWebViewClient(new com.vip.chaincasino.MainActivity$1(this));
        // Flagged call. The second constructor argument (0) is presumably a compiler-generated
        // placeholder for a private constructor - TODO confirm.
        this.mWebView.addJavascriptInterface(new com.vip.chaincasino.MainActivity$JavaScriptChannel(this, 0), "ChainCasino");
        this.mWebView.loadUrl(this.oldGameUrl);
        return;
    }

Method com.vip.chaincasino.MainActivity.initView() calling method android.webkit.WebView.loadUrl()


    /**
     * Shows the loading view, configures the main WebView and loads {@code oldGameUrl}.
     *
     * Decompiler output: boolean arguments appear as the integer 1 (true) and the
     * findViewById arguments are compiled resource ids.
     *
     * Security review: this is the call site flagged for loadUrl(). The URL comes from the
     * field oldGameUrl and is loaded without any check visible in this method, into a
     * WebView that has JavaScript and a Java bridge enabled. Where oldGameUrl is assigned is
     * not shown here; if it can be influenced from outside the app, it should be validated
     * (scheme and host) before this call.
     */
    private void initView()
    {
        this.loadingView = this.findViewById(2131165244);
        // 0 is View.VISIBLE.
        this.loadingView.setVisibility(0);
        this.mWebView = ((android.webkit.WebView) this.findViewById(2131165330));
        this.mWebView.getSettings().setJavaScriptEnabled(1);
        this.mWebView.getSettings().setDomStorageEnabled(1);
        this.mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(1);
        this.mWebView.getSettings().setAppCacheEnabled(1);
        this.mWebView.setWebViewClient(new com.vip.chaincasino.MainActivity$1(this));
        this.mWebView.addJavascriptInterface(new com.vip.chaincasino.MainActivity$JavaScriptChannel(this, 0), "ChainCasino");
        // Flagged call: initial page load.
        this.mWebView.loadUrl(this.oldGameUrl);
        return;
    }

Method com.vip.chaincasino.MainActivity$4.run() calling method android.webkit.WebView.loadUrl()


    /**
     * Applies a new game URL: records it, and if it differs from the currently stored one,
     * persists it under the key "game_url" and loads it.
     *
     * The access$NNN calls are compiler-generated accessors for private members of
     * MainActivity; which member each one touches is not visible in this listing. Judging
     * only by the calls made on their results, access$700 presumably returns the
     * SharedPreferences, access$800 the WebView and access$000 the loading view - TODO
     * confirm against the class.
     *
     * Security review: this is a second call site flagged for loadUrl(). val$gameUrl is a
     * captured local whose origin is not shown, and no scheme or host check is visible
     * before it is both persisted and loaded. If it arrives from a server response or from
     * page script, validate it before use, since a stored value is reused on later starts.
     */
    public void run()
    {
        com.vip.chaincasino.MainActivity.access$502(this.this$0, this.val$gameUrl);
        if (!this.val$gameUrl.equals(com.vip.chaincasino.MainActivity.access$600(this.this$0))) {
            // URL changed: update the stored value, persist it, then navigate.
            com.vip.chaincasino.MainActivity.access$602(this.this$0, this.val$gameUrl);
            com.vip.chaincasino.MainActivity.access$700(this.this$0).edit().putString("game_url", com.vip.chaincasino.MainActivity.access$600(this.this$0)).apply();
            com.vip.chaincasino.MainActivity.access$800(this.this$0).loadUrl(this.val$gameUrl);
            // 8 is View.GONE.
            com.vip.chaincasino.MainActivity.access$000(this.this$0).setVisibility(8);
            return;
        } else {
            // URL unchanged: only hide the view (8 is View.GONE).
            com.vip.chaincasino.MainActivity.access$000(this.this$0).setVisibility(8);
            return;
        }
    }
[TAINT] Const '1' ==>>> Sink '['Landroid/webkit/WebSettings;', 'setJavaScriptEnabled', '(Z)V', '0', 'HTTP_NETWORKING_SINK']' [[('Lcom/vip/chaincasino/MainActivity;', 'initView', '()V'), ('Landroid/webkit/WebSettings;', 'setJavaScriptEnabled', '(Z)V')]]

JavaScript in WebView is enabled. setJavaScriptEnabled is set to true:

Method com.vip.chaincasino.MainActivity.initView():


    /**
     * Shows the loading view, configures the main WebView and loads {@code oldGameUrl}.
     *
     * Decompiler output: boolean arguments appear as the integer 1 (true) and the
     * findViewById arguments are compiled resource ids.
     *
     * Security review: evidence for the "JavaScript enabled" finding. The constant 1 passed
     * to setJavaScriptEnabled() is the boolean true. Taken alone this is expected for a
     * web-based app; the exposure comes from the combination with the "ChainCasino" bridge
     * registered below and a load URL whose origin is not visible in this listing.
     */
    private void initView()
    {
        this.loadingView = this.findViewById(2131165244);
        // 0 is View.VISIBLE.
        this.loadingView.setVisibility(0);
        this.mWebView = ((android.webkit.WebView) this.findViewById(2131165330));
        // Tainted constant from the finding: 1 == true.
        this.mWebView.getSettings().setJavaScriptEnabled(1);
        this.mWebView.getSettings().setDomStorageEnabled(1);
        this.mWebView.getSettings().setJavaScriptCanOpenWindowsAutomatically(1);
        this.mWebView.getSettings().setAppCacheEnabled(1);
        this.mWebView.setWebViewClient(new com.vip.chaincasino.MainActivity$1(this));
        this.mWebView.addJavascriptInterface(new com.vip.chaincasino.MainActivity$JavaScriptChannel(this, 0), "ChainCasino");
        this.mWebView.loadUrl(this.oldGameUrl);
        return;
    }

Method android.webkit.WebSettings.setJavaScriptEnabled() not found.