@capgo/inappbrowser 8.2.0 → 8.3.0-alpha.0

package/README.md

@@ -1,9 +1,22 @@
 # @capgo/inappbrowser
- <a href="https://capgo.app/"><img src='https://raw.githubusercontent.com/Cap-go/capgo/main/assets/capgo_banner.png' alt='Capgo - Instant updates for capacitor'/></a>
+
+<a href="https://capgo.app/">
+  <img
+    src="https://raw.githubusercontent.com/Cap-go/capgo/main/assets/capgo_banner.png"
+    alt="Capgo - Instant updates for capacitor"
+  />
+</a>
 
 <div align="center">
-  <h2><a href="https://capgo.app/?ref=plugin_inappbrowser"> ➡️ Get Instant updates for your App with Capgo</a></h2>
-  <h2><a href="https://capgo.app/consulting/?ref=plugin_inappbrowser"> Missing a feature? We’ll build the plugin for you 💪</a></h2>
+  <h2>
+    <a href="https://capgo.app/?ref=plugin_inappbrowser"> ➡️ Get Instant updates for your App with Capgo</a>
+  </h2>
+  <h2>
+    <a href="https://capgo.app/consulting/?ref=plugin_inappbrowser">
+      {' '}
+      Missing a feature? We’ll build the plugin for you 💪
+    </a>
+  </h2>
 </div>
 
 Capacitor plugin in app browser with urlChangeEvent, two way communication, camera and microphone usage, etc.
@@ -30,10 +43,10 @@ The most complete doc is available here: https://capgo.app/docs/plugins/inappbro
 
 | Plugin version | Capacitor compatibility | Maintained |
 | -------------- | ----------------------- | ---------- |
-| v8.\*.\*       | v8.\*.\*                | ✅          |
-| v7.\*.\*       | v7.\*.\*                | On demand   |
-| v6.\*.\*       | v6.\*.\*                | ❌          |
-| v5.\*.\*       | v5.\*.\*                | ❌          |
+| v8.\*.\*       | v8.\*.\*                | ✅         |
+| v7.\*.\*       | v7.\*.\*                | On demand  |
+| v6.\*.\*       | v6.\*.\*                | ❌         |
+| v5.\*.\*       | v5.\*.\*                | ❌         |
 
 > **Note:** The major version of this plugin follows the major version of Capacitor. Use the version that matches your Capacitor installation (e.g., plugin v8 for Capacitor 8). Only the latest major version is actively maintained.
 
@@ -43,12 +56,13 @@ The most complete doc is available here: https://capgo.app/docs/plugins/inappbro
 npm install @capgo/inappbrowser
 npx cap sync
 ```
+
 ## Usage
 
 ```js
-import { InAppBrowser } from '@capgo/inappbrowser'
+import { InAppBrowser } from '@capgo/inappbrowser';
 
-InAppBrowser.open({ url: "YOUR_URL" });
+InAppBrowser.open({ url: 'YOUR_URL' });
 ```
 
 ### Customize Chrome Custom Tab Appearance (Android)
@@ -77,15 +91,15 @@ All CCT options are Android-only and safely ignored on iOS. See [`OpenOptions`](
 By default, the webview opens in fullscreen. You can set custom dimensions to control the size and position:
 
 ```js
-import { InAppBrowser } from '@capgo/inappbrowser'
+import { InAppBrowser } from '@capgo/inappbrowser';
 
 // Open with custom dimensions (400x600 at position 50,100)
 const { id } = await InAppBrowser.openWebView({
-  url: "YOUR_URL",
+  url: 'YOUR_URL',
   width: 400,
   height: 600,
   x: 50,
-  y: 100
+  y: 100,
 });
 
 // Update dimensions at runtime
@@ -94,7 +108,7 @@ InAppBrowser.updateDimensions({
   width: 500,
   height: 700,
   x: 100,
-  y: 150
+  y: 150,
 });
 ```
 
@@ -105,11 +119,11 @@ InAppBrowser.updateDimensions({
 To create a webView with a 20px bottom margin (safe margin area outside the browser):
 
 ```js
-import { InAppBrowser } from '@capgo/inappbrowser'
+import { InAppBrowser } from '@capgo/inappbrowser';
 
 InAppBrowser.openWebView({
-  url: "YOUR_URL",
-  enabledSafeBottomMargin: true
+  url: 'YOUR_URL',
+  enabledSafeBottomMargin: true,
 });
 ```
 
@@ -120,15 +134,16 @@ Web platform is not supported. Use `window.open` instead.
 To open the webview in true full screen mode (content extends behind the status bar), set `enabledSafeTopMargin` to `false`:
 
 ```js
-import { InAppBrowser } from '@capgo/inappbrowser'
+import { InAppBrowser } from '@capgo/inappbrowser';
 
 InAppBrowser.openWebView({
-  url: "YOUR_URL",
-  enabledSafeTopMargin: false  // Disables safe area at top, allows full screen
+  url: 'YOUR_URL',
+  enabledSafeTopMargin: false, // Disables safe area at top, allows full screen
 });
 ```
 
 This option works independently of the toolbar type:
+
 - **iOS**: The webview extends behind the status bar, providing true edge-to-edge content
 - **Android**: The top margin is disabled, allowing content to fill the entire screen
 
@@ -214,16 +229,16 @@ With this plugin you can send events from the main app to the inappbrowser and v
 #### Main app to inappbrowser, detail object is mendatory
 
 ```js
-const { id } = await InAppBrowser.openWebView({ url: "YOUR_URL" });
-InAppBrowser.postMessage({ id, detail: { message: "myMessage" } });
+const { id } = await InAppBrowser.openWebView({ url: 'YOUR_URL' });
+InAppBrowser.postMessage({ id, detail: { message: 'myMessage' } });
 // Or broadcast to all open webviews
-InAppBrowser.postMessage({ detail: { message: "broadcast" } });
+InAppBrowser.postMessage({ detail: { message: 'broadcast' } });
 ```
 
 #### Receive event from native in the inappbrowser
 
 ```js
-window.addEventListener("messageFromNative", (event) => {
+window.addEventListener('messageFromNative', (event) => {
   console.log(event);
 });
 ```
@@ -231,13 +246,13 @@ window.addEventListener("messageFromNative", (event) => {
 #### Send event from inappbrowser to main app, detail object is mendatory
 
 ```js
-window.mobileApp.postMessage({ detail: { message: "myMessage" } });
+window.mobileApp.postMessage({ detail: { message: 'myMessage' } });
 ```
 
 #### Receive event from inappbrowser in the main app
 
 ```js
-InAppBrowser.addListener("messageFromWebview", (event) => {
+InAppBrowser.addListener('messageFromWebview', (event) => {
   console.log(event.id, event.detail);
 });
 ```
@@ -272,6 +287,8 @@ window.mobileApp.close();
 * [`addListener('messageFromWebview', ...)`](#addlistenermessagefromwebview-)
 * [`addListener('browserPageLoaded', ...)`](#addlistenerbrowserpageloaded-)
 * [`addListener('pageLoadError', ...)`](#addlistenerpageloaderror-)
+* [`addListener('proxyRequest', ...)`](#addlistenerproxyrequest-)
+* [`handleProxyRequest(...)`](#handleproxyrequest)
 * [`removeAllListeners()`](#removealllisteners)
 * [`reload(...)`](#reload)
 * [`updateDimensions(...)`](#updatedimensions)
@@ -656,6 +673,45 @@ Will be triggered when page load error
 --------------------
 
 
+### addListener('proxyRequest', ...)
+
+```typescript
+addListener(eventName: 'proxyRequest', listenerFunc: (event: ProxyRequest) => void) => Promise<PluginListenerHandle>
+```
+
+Listen for proxied requests from the in-app browser webview.
+Use addProxyHandler() wrapper instead of calling this directly.
+
+| Param              | Type                                                                      |
+| ------------------ | ------------------------------------------------------------------------- |
+| **`eventName`**    | <code>'proxyRequest'</code>                                               |
+| **`listenerFunc`** | <code>(event: <a href="#proxyrequest">ProxyRequest</a>) =&gt; void</code> |
+
+**Returns:** <code>Promise&lt;<a href="#pluginlistenerhandle">PluginListenerHandle</a>&gt;</code>
+
+**Since:** 9.0.0
+
+--------------------
+
+
+### handleProxyRequest(...)
+
+```typescript
+handleProxyRequest(options: { requestId: string; response: ProxyResponse | null; webviewId?: string; }) => Promise<void>
+```
+
+Internal method: sends a proxied response back to native.
+Called by addProxyHandler() wrapper — not intended for direct use.
+
+| Param         | Type                                                                                                                  |
+| ------------- | --------------------------------------------------------------------------------------------------------------------- |
+| **`options`** | <code>{ requestId: string; response: <a href="#proxyresponse">ProxyResponse</a> \| null; webviewId?: string; }</code> |
+
+**Since:** 9.0.0
+
+--------------------
+
+
 ### removeAllListeners()
 
 ```typescript
@@ -848,7 +904,7 @@ And in the AndroidManifest.xml file:
 | **`ignoreUntrustedSSLError`**          | <code>boolean</code>                                                                                                                                                   | ignoreUntrustedSSLError: if true, the webview will ignore untrusted SSL errors allowing the user to view the website.                                                                                                                                                                                                                                                                                                                                                                                                                                      | <code>false</code>                                            | 6.1.0  |
 | **`preShowScript`**                    | <code>string</code>                                                                                                                                                    | preShowScript: if isPresentAfterPageLoad is true and this variable is set the plugin will inject a script before showing the browser. This script will be run in an async context. The plugin will wait for the script to finish (max 10 seconds)                                                                                                                                                                                                                                                                                                          |                                                               | 6.6.0  |
 | **`preShowScriptInjectionTime`**       | <code>'documentStart' \| 'pageLoad'</code>                                                                                                                             | preShowScriptInjectionTime: controls when the preShowScript is injected. - "documentStart": injects before any page JavaScript runs (good for polyfills like Firebase) - "pageLoad": injects after page load (default, original behavior)                                                                                                                                                                                                                                                                                                                  | <code>"pageLoad"</code>                                       | 7.26.0 |
-| **`proxyRequests`**                    | <code>string</code>                                                                                                                                                    | proxyRequests is a regex expression. Please see [this pr](https://github.com/Cap-go/capacitor-inappbrowser/pull/222) for more info. (Android only)                                                                                                                                                                                                                                                                                                                                                                                                         |                                                               | 6.9.0  |
+| **`proxyRequests`**                    | <code>boolean</code>                                                                                                                                                   | When true, all HTTP/HTTPS requests from the webview are sent to the proxy handler registered via addProxyHandler(). The handler can return a custom Response or null for pass-through.                                                                                                                                                                                                                                                                                                                                                                     |                                                               | 9.0.0  |
 | **`buttonNearDone`**                   | <code>{ ios: { iconType: 'sf-symbol' \| 'asset'; icon: string; }; android: { iconType: 'asset' \| 'vector'; icon: string; width?: number; height?: number; }; }</code> | buttonNearDone allows for a creation of a custom button near the done/close button. The button is only shown when toolbarType is not "activity", "navigation", or "blank". For Android: - iconType must be "asset" - icon path should be in the public folder (e.g. "monkey.svg") - width and height are optional, defaults to 48dp - button is positioned at the end of toolbar with 8dp margin For iOS: - iconType can be "sf-symbol" or "asset" - for sf-symbol, icon should be the symbol name - for asset, icon should be the asset name              |                                                               | 6.7.0  |
 | **`textZoom`**                         | <code>number</code>                                                                                                                                                    | textZoom: sets the text zoom of the page in percent. Allows users to increase or decrease the text size for better readability.                                                                                                                                                                                                                                                                                                                                                                                                                            | <code>100</code>                                              | 7.6.0  |
 | **`preventDeeplink`**                  | <code>boolean</code>                                                                                                                                                   | preventDeeplink: if true, the deeplink will not be opened, if false the deeplink will be opened when clicked on the link. on IOS each schema need to be added to info.plist file under LSApplicationQueriesSchemes when false to make it work.                                                                                                                                                                                                                                                                                                             | <code>false</code>                                            | 0.1.0  |
@@ -911,6 +967,31 @@ And in the AndroidManifest.xml file:
 | **`url`** | <code>string</code> | Emit when a button is clicked. | 0.0.1 |
 
 
+#### ProxyRequest
+
+Represents an intercepted HTTP request from the in-app browser webview.
+
+| Prop            | Type                                                            | Description                                                                                                                                                                                                                                                                                             |
+| --------------- | --------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| **`requestId`** | <code>string</code>                                             | Unique identifier for this request, used to match responses                                                                                                                                                                                                                                             |
+| **`url`**       | <code>string</code>                                             | The full URL being requested                                                                                                                                                                                                                                                                            |
+| **`method`**    | <code>string</code>                                             | HTTP method (GET, POST, PUT, DELETE, etc.)                                                                                                                                                                                                                                                              |
+| **`headers`**   | <code><a href="#record">Record</a>&lt;string, string&gt;</code> | Request headers as key-value pairs                                                                                                                                                                                                                                                                      |
+| **`body`**      | <code>string \| null</code>                                     | Base64-encoded request body, or null if no body. On Android, requests from HTML elements (img, script, link, iframe) are intercepted natively and do not have access to the request body — this field will be empty for those requests. Requests from fetch() and XMLHttpRequest include the full body. |
+| **`webviewId`** | <code>string</code>                                             | ID of the webview that made this request                                                                                                                                                                                                                                                                |
+
+
+#### ProxyResponse
+
+Response to send back for a proxied request.
+
+| Prop          | Type                                                            | Description                         |
+| ------------- | --------------------------------------------------------------- | ----------------------------------- |
+| **`body`**    | <code>string</code>                                             | Base64-encoded response body        |
+| **`status`**  | <code>number</code>                                             | HTTP status code                    |
+| **`headers`** | <code><a href="#record">Record</a>&lt;string, string&gt;</code> | Response headers as key-value pairs |
+
+
 #### DimensionOptions
 
 | Prop         | Type                | Description                             |
@@ -1024,5 +1105,6 @@ Construct a type with a set of properties K of type T
 </docgen-api>
 
 **Credits**
- - [WKWebViewController](https://github.com/Meniny/WKWebViewController) - for iOS
- - [CapBrowser](https://github.com/gadapa-rakesh/CapBrowser) - For the base in capacitor v2
+
+- [WKWebViewController](https://github.com/Meniny/WKWebViewController) - for iOS
+- [CapBrowser](https://github.com/gadapa-rakesh/CapBrowser) - For the base in capacitor v2

package/android/src/main/assets/proxy-bridge.js

@@ -0,0 +1,197 @@
+"use strict";
+(() => {
+  var __async = (__this, __arguments, generator) => {
+    return new Promise((resolve, reject) => {
+      var fulfilled = (value) => {
+        try {
+          step(generator.next(value));
+        } catch (e) {
+          reject(e);
+        }
+      };
+      var rejected = (value) => {
+        try {
+          step(generator.throw(value));
+        } catch (e) {
+          reject(e);
+        }
+      };
+      var step = (x) => x.done ? resolve(x.value) : Promise.resolve(x.value).then(fulfilled, rejected);
+      step((generator = generator.apply(__this, __arguments)).next());
+    });
+  };
+
+  // src/proxy-bridge.ts
+  (function() {
+    const proxyBridge = window.__capgoProxy;
+    if (!proxyBridge) return;
+    const accessToken = "___CAPGO_PROXY_TOKEN___";
+    let requestCounter = 0;
+    function generateRequestId() {
+      return "pr_" + Date.now() + "_" + requestCounter++;
+    }
+    function arrayBufferToBase64(buffer) {
+      const bytes = new Uint8Array(buffer);
+      let binary = "";
+      for (let i = 0; i < bytes.byteLength; i++) {
+        binary += String.fromCharCode(bytes[i]);
+      }
+      return btoa(binary);
+    }
+    function stringToBase64(str) {
+      return btoa(unescape(encodeURIComponent(str)));
+    }
+    function resolveUrl(url) {
+      if (url && !url.match(/^[a-zA-Z][a-zA-Z0-9+\-.]*:\/\//)) {
+        try {
+          return new URL(url, window.location.href).href;
+        } catch (_e) {
+          return url;
+        }
+      }
+      return url;
+    }
+    function bodyToBase64(body) {
+      return __async(this, null, function* () {
+        if (body === null || body === void 0) return null;
+        if (typeof body === "string") return stringToBase64(body);
+        if (body instanceof ArrayBuffer) return arrayBufferToBase64(body);
+        if (ArrayBuffer.isView(body))
+          return arrayBufferToBase64(body.buffer.slice(body.byteOffset, body.byteOffset + body.byteLength));
+        if (body instanceof Blob) {
+          const ab = yield body.arrayBuffer();
+          return arrayBufferToBase64(ab);
+        }
+        if (body instanceof FormData) {
+          const ab = yield new Response(body).arrayBuffer();
+          return arrayBufferToBase64(ab);
+        }
+        if (body instanceof URLSearchParams) {
+          return stringToBase64(body.toString());
+        }
+        return null;
+      });
+    }
+    const originalFetch = window.fetch;
+    window.fetch = function(input, init) {
+      return __async(this, null, function* () {
+        const requestId = generateRequestId();
+        let url;
+        let method = "GET";
+        const headers = {};
+        let body = null;
+        if (input instanceof Request) {
+          url = input.url;
+          method = input.method;
+          input.headers.forEach((v, k) => {
+            headers[k] = v;
+          });
+          try {
+            const cloned = input.clone();
+            const ab = yield cloned.arrayBuffer();
+            if (ab.byteLength > 0) {
+              body = ab;
+            }
+          } catch (_e) {
+          }
+        } else {
+          url = input instanceof URL ? input.toString() : input;
+        }
+        url = resolveUrl(url);
+        if (init) {
+          if (init.method) method = init.method;
+          if (init.headers) {
+            const h = new Headers(init.headers);
+            h.forEach((v, k) => {
+              headers[k] = v;
+            });
+          }
+          if (init.body !== void 0) body = init.body;
+        }
+        if (body instanceof FormData) {
+          const encoded = new Response(body);
+          const ct = encoded.headers.get("content-type");
+          if (ct) {
+            Object.keys(headers).forEach((k) => {
+              if (k.toLowerCase() === "content-type") delete headers[k];
+            });
+            headers["content-type"] = ct;
+          }
+          body = yield encoded.arrayBuffer();
+        }
+        const base64Body = yield bodyToBase64(body);
+        proxyBridge.storeRequest(accessToken, requestId, method, JSON.stringify(headers), base64Body || "");
+        const proxyUrl = "/_capgo_proxy_?u=" + encodeURIComponent(url) + "&rid=" + requestId;
+        return originalFetch.call(window, proxyUrl, { method: "GET" });
+      });
+    };
+    const XHROpen = XMLHttpRequest.prototype.open;
+    const XHRSend = XMLHttpRequest.prototype.send;
+    const XHRSetHeader = XMLHttpRequest.prototype.setRequestHeader;
+    XMLHttpRequest.prototype.open = function(method, url, ...rest) {
+      this.__proxyMethod = method;
+      this.__proxyUrl = resolveUrl(url instanceof URL ? url.toString() : url);
+      this.__proxyHeaders = {};
+      return XHROpen.apply(this, [method, url, ...rest]);
+    };
+    XMLHttpRequest.prototype.setRequestHeader = function(name, value) {
+      if (this.__proxyHeaders) {
+        this.__proxyHeaders[name] = value;
+      }
+      return XHRSetHeader.call(this, name, value);
+    };
+    XMLHttpRequest.prototype.send = function(body) {
+      const xhr = this;
+      const requestId = generateRequestId();
+      const method = xhr.__proxyMethod || "GET";
+      const url = xhr.__proxyUrl || "";
+      const headers = xhr.__proxyHeaders || {};
+      function completeSend(base64Body) {
+        proxyBridge.storeRequest(accessToken, requestId, method, JSON.stringify(headers), base64Body);
+        const proxyUrl = "/_capgo_proxy_?u=" + encodeURIComponent(url) + "&rid=" + requestId;
+        XHROpen.call(xhr, "GET", proxyUrl, true);
+        XHRSend.call(xhr, null);
+      }
+      if (body === null || body === void 0) {
+        completeSend("");
+        return;
+      }
+      if (typeof body === "string") {
+        completeSend(stringToBase64(body));
+        return;
+      }
+      if (body instanceof ArrayBuffer) {
+        completeSend(arrayBufferToBase64(body));
+        return;
+      }
+      if (ArrayBuffer.isView(body)) {
+        completeSend(arrayBufferToBase64(body.buffer.slice(body.byteOffset, body.byteOffset + body.byteLength)));
+        return;
+      }
+      if (body instanceof URLSearchParams) {
+        completeSend(stringToBase64(body.toString()));
+        return;
+      }
+      if (body instanceof Blob || body instanceof FormData) {
+        const encoded = new Response(body);
+        if (body instanceof FormData) {
+          const ct = encoded.headers.get("content-type");
+          if (ct) {
+            Object.keys(headers).forEach((k) => {
+              if (k.toLowerCase() === "content-type") delete headers[k];
+            });
+            headers["content-type"] = ct;
+          }
+        }
+        encoded.arrayBuffer().then((ab) => {
+          completeSend(arrayBufferToBase64(ab));
+        }).catch((_e) => {
+          console.error("[proxy-bridge] Failed to encode Blob/FormData body:", _e);
+          completeSend("");
+        });
+        return;
+      }
+      completeSend("");
+    };
+  })();
+})();

package/android/src/main/java/ee/forgr/capacitor_inappbrowser/InAppBrowserPlugin.java

@@ -46,8 +46,6 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.UUID;
-import java.util.regex.Pattern;
-import java.util.regex.PatternSyntaxException;
 import org.json.JSONException;
 import org.json.JSONObject;
 
@@ -62,7 +60,7 @@ import org.json.JSONObject;
 )
 public class InAppBrowserPlugin extends Plugin implements WebViewDialog.PermissionHandler {
 
-    private final String pluginVersion = "8.2.0";
+    private final String pluginVersion = "8.3.0-alpha.0";
 
     public static final String CUSTOM_TAB_PACKAGE_NAME = "com.android.chrome"; // Change when in stable
     private CustomTabsClient customTabsClient;
@@ -577,14 +575,7 @@ public class InAppBrowserPlugin extends Plugin implements WebViewDialog.Permissi
             options.setTextZoom(textZoom);
         }
 
-        String proxyRequestsStr = call.getString("proxyRequests");
-        if (proxyRequestsStr != null) {
-            try {
-                options.setProxyRequestsPattern(Pattern.compile(proxyRequestsStr));
-            } catch (PatternSyntaxException e) {
-                Log.e("WebViewDialog", String.format("Pattern '%s' is not a valid pattern", proxyRequestsStr));
-            }
-        }
+        options.setProxyRequests(Boolean.TRUE.equals(call.getBoolean("proxyRequests", false)));
 
         try {
             // Try to set buttonNearDone if present, with better error handling
@@ -733,6 +724,22 @@ public class InAppBrowserPlugin extends Plugin implements WebViewDialog.Permissi
                     notifyListeners("confirmBtnClicked", new JSObject().put("id", webViewId).put("url", url));
                 }
 
+                @Override
+                public void proxyRequestEvent(String requestId, String url, String method, String headersJson, String body, String wvId) {
+                    JSObject data = new JSObject();
+                    data.put("requestId", requestId);
+                    data.put("url", url);
+                    data.put("method", method);
+                    try {
+                        data.put("headers", new JSObject(headersJson));
+                    } catch (Exception e) {
+                        data.put("headers", new JSObject());
+                    }
+                    data.put("body", body);
+                    data.put("webviewId", wvId);
+                    notifyListeners("proxyRequest", data);
+                }
+
                 @Override
                 public void javascriptCallback(String message) {
                     // Handle the message received from JavaScript
@@ -1070,24 +1077,20 @@ public class InAppBrowserPlugin extends Plugin implements WebViewDialog.Permissi
     }
 
     @PluginMethod
-    public void lsuakdchgbbaHandleProxiedRequest(PluginCall call) {
+    public void handleProxyRequest(PluginCall call) {
+        String requestId = call.getString("requestId");
+        if (requestId == null) {
+            call.reject("requestId is required");
+            return;
+        }
         String webviewId = call.getString("webviewId");
         WebViewDialog webViewDialog = webviewId != null ? webViewDialogs.get(webviewId) : resolveDialog(null);
-        if (webViewDialog != null) {
-            Boolean ok = call.getBoolean("ok", false);
-            String id = call.getString("id");
-            if (id == null) {
-                Log.e("InAppBrowserProxy", "CRITICAL ERROR, proxy id = null");
-                return;
-            }
-            if (Boolean.FALSE.equals(ok)) {
-                String result = call.getString("result", "");
-                webViewDialog.handleProxyResultError(result, id);
-            } else {
-                JSONObject object = call.getObject("result");
-                webViewDialog.handleProxyResultOk(object, id);
-            }
+        if (webViewDialog == null) {
+            call.reject("Target WebView not found for proxy request");
+            return;
         }
+        JSObject response = call.getObject("response");
+        webViewDialog.handleProxyResponse(requestId, response);
         call.resolve();
     }
 

package/android/src/main/java/ee/forgr/capacitor_inappbrowser/Options.java

@@ -9,8 +9,6 @@ import java.io.InputStream;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Objects;
-import java.util.Objects;
-import java.util.regex.Pattern;
 
 public class Options {
 
@@ -170,7 +168,7 @@ public class Options {
     private boolean ignoreUntrustedSSLError;
     private String preShowScript;
     private String toolbarTextColor;
-    private Pattern proxyRequestsPattern = null;
+    private boolean proxyRequests = false;
     private boolean materialPicker = false;
     private int textZoom = 100; // Default text zoom is 100%
     private boolean preventDeeplink = false;
@@ -262,12 +260,12 @@ public class Options {
         this.useTopInset = useTopInset;
     }
 
-    public Pattern getProxyRequestsPattern() {
-        return proxyRequestsPattern;
+    public boolean getProxyRequests() {
+        return proxyRequests;
     }
 
-    public void setProxyRequestsPattern(Pattern proxyRequestsPattern) {
-        this.proxyRequestsPattern = proxyRequestsPattern;
+    public void setProxyRequests(boolean proxyRequests) {
+        this.proxyRequests = proxyRequests;
     }
 
     public PluginCall getPluginCall() {

package/android/src/main/java/ee/forgr/capacitor_inappbrowser/ProxyBridge.java

@@ -0,0 +1,60 @@
+package ee.forgr.capacitor_inappbrowser;
+
+import android.webkit.JavascriptInterface;
+import java.util.concurrent.ConcurrentHashMap;
+
+public class ProxyBridge {
+
+    private static final int MAX_STORED_REQUESTS = 256;
+
+    public static class StoredRequest {
+
+        public final String method;
+        public final String headersJson;
+        public final String base64Body;
+
+        public StoredRequest(String method, String headersJson, String base64Body) {
+            this.method = method != null ? method : "";
+            this.headersJson = headersJson != null ? headersJson : "{}";
+            this.base64Body = base64Body != null ? base64Body : "";
+        }
+    }
+
+    private final ConcurrentHashMap<String, StoredRequest> storedRequests = new ConcurrentHashMap<>();
+    private final String accessToken;
+
+    /**
+     * @param accessToken Random token generated per webview instance.
+     *     The injected proxy-bridge script receives this token and must
+     *     pass it on every storeRequest call. Page JS that doesn't know
+     *     the token cannot abuse the interface.
+     */
+    public ProxyBridge(String accessToken) {
+        this.accessToken = accessToken;
+    }
+
+    @JavascriptInterface
+    public void storeRequest(String token, String requestId, String method, String headersJson, String base64Body) {
+        if (token == null || !token.equals(accessToken)) {
+            return;
+        }
+        if (requestId == null || requestId.isEmpty()) {
+            return;
+        }
+        if (storedRequests.size() >= MAX_STORED_REQUESTS) {
+            // Remove an arbitrary entry to prevent unbounded growth
+            var it = storedRequests.keys().asIterator();
+            if (it.hasNext()) {
+                storedRequests.remove(it.next());
+            }
+        }
+        storedRequests.put(requestId, new StoredRequest(method, headersJson, base64Body));
+    }
+
+    public StoredRequest getAndRemove(String requestId) {
+        if (requestId == null) {
+            return null;
+        }
+        return storedRequests.remove(requestId);
+    }
+}

package/android/src/main/java/ee/forgr/capacitor_inappbrowser/WebViewCallbacks.java

@@ -14,4 +14,6 @@ public interface WebViewCallbacks {
     public void buttonNearDoneClicked();
 
     public void confirmBtnClicked(String url);
+
+    public void proxyRequestEvent(String requestId, String url, String method, String headersJson, String body, String webviewId);
 }