8f4d4b0c03
WKWebView-Huelle fuer Hybrid-Apps (Web-Lese-Surfaces + native Submit/Widget/ShareExt). Extrahiert aus den fast-byte-identischen `WebShell/`-Ordnern in seepuls-native und zitare-native (~900 LOC, davon ~700 LOC Duplikat). Audit 2026-05-17 V2. Neu (public API): - `WebShellView` — WKWebView-Wrapper mit Progress-Bar, Pull-to- Refresh (iOS), Fehler-Snackbar, External-Link-Delegation. Universal (iOS + macOS) - `WebShellConfig` — Host-Whitelist mit Wildcard-Support (`"*.mana.how"`), User-Agent, Theme-Hints, User-Scripts - `WebTarget` — URL + monoton wachsender reloadToken - `WebNavState` — @Observable, @MainActor, reaktiver Nav-State - `WebShellCoordinator` — WKNavigationDelegate + WKUIDelegate - `WebShellScripts` — Helfer fuer `preferDarkScheme`, `syncDarkMode(localStorageKey:)`, `hideElements(selectors:tagName:)` Logging unter Subsystem `ev.mana.webshell` (App-OSLog bleibt eigen). Tests: 6 neue Tests gegen `WebShellConfig.isAllowed` (Wildcards, Negativ-Cases). 50/50 grün insgesamt (6 ManaWebShell + 44 ManaAuthUI). Doku: `mana/docs/playbooks/HYBRID_NATIVE_APP.md` (Schwester-Repo). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
56 lines
1.8 KiB
Swift
56 lines
1.8 KiB
Swift
import Testing
|
|
@testable import ManaWebShell
|
|
|
|
@Suite("WebShellConfig — Host-Whitelist")
|
|
struct WebShellConfigTests {
|
|
private func config(_ hosts: [String]) -> WebShellConfig {
|
|
WebShellConfig(allowedHosts: hosts, userAgent: "TestNative/0.1")
|
|
}
|
|
|
|
@Test("Exakter Host matched")
|
|
func exactMatch() {
|
|
let c = config(["seepuls.mana.how"])
|
|
#expect(c.isAllowed(host: "seepuls.mana.how"))
|
|
#expect(!c.isAllowed(host: "other.mana.how"))
|
|
#expect(!c.isAllowed(host: "mana.how"))
|
|
#expect(!c.isAllowed(host: "evil.com"))
|
|
}
|
|
|
|
@Test("Wildcard *.root matched Subdomain")
|
|
func wildcardSubdomain() {
|
|
let c = config(["*.mana.how"])
|
|
#expect(c.isAllowed(host: "seepuls.mana.how"))
|
|
#expect(c.isAllowed(host: "auth.mana.how"))
|
|
#expect(c.isAllowed(host: "deep.nested.mana.how"))
|
|
}
|
|
|
|
@Test("Wildcard *.root matched Root selbst")
|
|
func wildcardCoversRoot() {
|
|
let c = config(["*.mana.how"])
|
|
#expect(c.isAllowed(host: "mana.how"))
|
|
}
|
|
|
|
@Test("Wildcard matched nicht andere TLDs")
|
|
func wildcardScoped() {
|
|
let c = config(["*.mana.how"])
|
|
#expect(!c.isAllowed(host: "mana.com"))
|
|
#expect(!c.isAllowed(host: "fake-mana.how"))
|
|
#expect(!c.isAllowed(host: "evil.com"))
|
|
}
|
|
|
|
@Test("Mehrere Patterns kombinieren")
|
|
func mixedPatterns() {
|
|
let c = config(["zitare.com", "www.zitare.com", "*.mana.how"])
|
|
#expect(c.isAllowed(host: "zitare.com"))
|
|
#expect(c.isAllowed(host: "www.zitare.com"))
|
|
#expect(c.isAllowed(host: "auth.mana.how"))
|
|
#expect(c.isAllowed(host: "mana.how"))
|
|
#expect(!c.isAllowed(host: "other.zitare.com"))
|
|
}
|
|
|
|
@Test("Leere Whitelist verbietet alles")
|
|
func emptyDenies() {
|
|
let c = config([])
|
|
#expect(!c.isAllowed(host: "anything.com"))
|
|
}
|
|
}
|