Alternate Solution for setJavaScriptEnabled(true);

Question

I have developed an Android Application which uses Webview Component. I have used following line into my code,

webViewScores.getSettings().setJavaScriptEnabled(true);

Due to this line it is showing Lint warning as Using setJavaScriptEnabled can introduce XSS vulnerabilities into you application, review carefully. Now I know that I can suppress this warning by writing this line @SuppressLint("SetJavaScriptEnabled") above my method or at class level. But my question is, Is there any alternate solution for this ? I means is there any other way we can set Java Script Enabled in Webview ?

score 34 · Answer 1 · answered May 19 '14 at 10:47

34

you have to use it at Class Level like

@SuppressLint("SetJavaScriptEnabled")
public class MyActivity extends Activity
{
    ...
}

and according to me there is no other way to enable JavaScript in WebView and if your app really doesn’t require JavaScript usage within a WebView then don’t call setJavaScriptEnabled(true).

answered May 19 '14 at 10:47

Neha Shukla

3,334
5
35
65

35

Suppressing a warning shouldn't be a solution. – devDeejay Feb 12 '20 at 07:11

score 5 · Answer 2 · answered May 19 '14 at 10:42

5

The warning tells You that enabling Javascript may be not secure. Just check if You absolutely need to enable Javascript and if You need it, suppress warning by

@SuppressLint("SetJavaScriptEnabled")

answered May 19 '14 at 10:42

NoAngel

810
2
15
26

14

Doesn't answer the question. – ban-geoengineering Jan 20 '15 at 14:57

score -1 · Answer 3 · answered Mar 30 '14 at 19:26

-1

You could alternatively implement a custom Javascript renderer or even better a full browser, after all, a browser only parses the html which is basically XML

answered Mar 30 '14 at 19:26

user3343456

103
2
9

1

Said implementation should definitely include liberal usage of regular expressions. It shall be called NIH-Browser. – Sogger Jan 20 '16 at 21:27

Alternate Solution for setJavaScriptEnabled(true);

3 Answers3