NetworkRequestAllowExtension

The Android SDK enforces strict security policies by restricting JSAPI communication to HTTPS domains only. To suit development or business needs, you can enable HTTP access for the my.request and my.uploadFile JSAPIs.

To customize HTTP access for these JSAPIs, implement the NetworkRequestAllowExtension interface. This topic details the interface's implementation and specifications.

Before you begin

Ensure that the integrated Android IAPMiniProgram SDK is version 2.65.7 or later. For more information, see SDK release notes.

Procedure

To customize access, take the following two steps:

Step 1: Implement the NetworkRequestAllowExtension interface

Create a class that implements the NetworkRequestAllowExtension interface. Within the class, override the shouldAllowHttpRequest method to specify the HTTP allowlist. For more information about the interface and method, refer to NetworkRequestAllowExtension. The following code provides a sample implementation:

copy
class CustomNetworkRequestAllowExtensionImpl : NetworkRequestAllowExtension {
    private var allowUrl = ""

    override fun shouldAllowHttpRequest(url: String): Boolean {
        // Add logic to determine whether the requested URL is allowed
        return url == allowUrl
    }
}

Step 2: Register the implementation class

After initializing the SDK, call the registerExtension API to register the implementation class (for example, CustomNetworkRequestAllowExtensionImpl in the sample) with the SDK. Refer to the following sample registration code:

copy
IAPConnect.init(application, initConfig, object : InitCallback {
    override fun onSuccess() {
        //ยทยทยท
        Griver.registerExtension(
            GriverExtensionManifest(
                NetworkRequestAllowExtension::class.java,
                CustomNetworkRequestAllowExtensionImpl()
            )
        )
    }
})

Structures

NetworkRequestAllowExtension interface

The NetworkRequestAllowExtension interface defines a method for the super app to customize network access for specific JSAPIs. When a request is restricted by the default security policies, the SDK calls the method to check your custom allowlist, determining whether to allow or block the request. Refer to the following code for interface definition:

copy
interface NetworkRequestAllowExtension : GriverExtension {
    fun shouldAllowHttpRequest(url: String): Boolean
}

Based on the definition, this interface provides the following method:

Method

Description

shouldAllowHttpRequest

Called by the SDK to check if requests to a specific HTTP URL are allowed for the following JSAPIs:

For more information, refer to shouldAllowHttpRequest.

shouldAllowHttpRequest method

Parameters

Parameter

Data type

Required

Description

url

String

Yes

The absolute HTTP URL that the JSAPI requests.

Return value

Value

Description

true

Return this value if the HTTP URL is in the allowlist, which allows the JSAPI call.

false

Return this value if the HTTP URL is not in the allowlist, which blocks the JSAPI call.