To ensure the security of an app when a URL is opened, you can enable the system to check the URL before HTML5 container calls the URL. If the URL is not in the whitelist, a call to the URL can be automatically blocked.
We recommend that URLs be checked before one of the following MPNebula APIs is called:
// Determine whether the opened URL is in the whitelist
NSString *urlWhiteList = @"xxxx";
NSURL *url = [NSURL URLWithString:@"https://example.com/products/xxx"];
if (![url.host isEqualToString:urlWhiteList]) {
return;
}
// Open online URL
[[MPNebulaAdapterInterface shareInstance] startH5ViewControllerWithParams:@{@"url": @"https://example.com/products/xxx"}];
// Create vc based on URL
MPH5WebViewController *vc = (MPH5WebViewController *)[[MPNebulaAdapterInterface shareInstance] createH5ViewController:@{@"url":@"https://example.com/products/xxx"}];Important
Exact matching is required for the URLs. At least the scheme and host information in the URI class must be matched. Do not use regular expression matching or use it with caution. Avoid using imprecise functions, such as contains, startsWith, endsWith, and indexOf.