@cordova-ohos/cordova-plugin-whitelist 1.3.5

package/LICENSE

@@ -0,0 +1,204 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+
+  Copyright (c) 2025 Huawei Device, Inc. Ltd. and <马弓手>.
+ 
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+ 
+      http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+ 

package/OAT.xml

@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Copyright (c) 2021 Huawei Device Co., Ltd.
+
+     Licensed under the Apache License, Version 2.0 (the "License");
+     you may not use this file except in compliance with the License.
+     You may obtain a copy of the License at
+
+          http://www.apache.org/licenses/LICENSE-2.0
+
+     Unless required by applicable law or agreed to in writing, software
+     distributed under the License is distributed on an "AS IS" BASIS,
+     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+     See the License for the specific language governing permissions and
+     limitations under the License.
+
+    This is the configuration file template for OpenHarmony OSS Audit Tool, please copy it to your project root dir and modify it refer to OpenHarmony/tools_oat/README.
+
+-->
+
+<configuration>
+    <oatconfig>
+        <licensefile></licensefile>
+        <policylist>
+            <policy name="projectPolicy" desc="">
+                <!--policyitem type="compatibility" name="GPL-2.0+" path="abc/.*" desc="Process that runs independently, invoked by the X process."/-->
+                <!--policyitem type="license" name="LGPL" path="abc/.*" desc="Dynamically linked by module X"/-->
+                <policyitem type="copyright" name="Copyright (c) 2025 Huawei Device, Inc. Ltd. and &lt;马弓手&gt;." path=".*" rule="may" group="defaultGroup" filefilter="copyrightPolicyFilter" desc="Developed by Huawei Device,Inc. Ltd. and &lt;马弓手&gt;"/>
+            </policy>
+        </policylist>
+        <filefilterlist>
+            <filefilter name="defaultFilter" desc="Files not to check">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="defaultPolicyFilter" desc="Filters for compatibility，license header policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="copyrightPolicyFilter" desc="Filters for copyright header policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="licenseFileNamePolicyFilter" desc="Filters for LICENSE file policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="readmeFileNamePolicyFilter" desc="Filters for README file policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="readmeOpenSourcefileNamePolicyFilter" desc="Filters for README.OpenSource file policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+            <filefilter name="binaryFileTypePolicyFilter" desc="Filters for binary file policies">
+                <!--filteritem type="filename" name="*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="abcdefg/.*.uvwxyz" desc="Describe the reason for filtering scan results"/-->
+                <!--filteritem type="filepath" name="projectroot/[a-zA-Z0-9]{20,}.sh" desc="Temp files"/-->
+            </filefilter>
+
+        </filefilterlist>
+        <licensematcherlist>
+            <!--licensematcher name="uvwxyz License" desc="If the scanning result is InvalidLicense, you can define matching rules here. Note that quotation marks must be escaped.">
+                <licensetext name="
+                    uvwxyz license textA xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+				 " desc=""/>
+                <licensetext name="
+                    uvwxyz license textB xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+				 " desc=""/>
+            </licensematcher-->
+        </licensematcherlist>
+    </oatconfig>
+</configuration>

package/README.md

@@ -0,0 +1,111 @@
+# cordova-plugin-whitelist
+
+Cordova 官方核心插件，用于控制应用对外部资源的访问权限，包括网络请求、外部应用跳转和 WebView 导航。它通过白名单机制有效防范跨站请求伪造（CSRF）、恶意 URL 跳转等安全风险，是保障 Cordova 应用安全性的关键组件。
+
+**重要提示：** <span style="color:red">该插件在Cordova10.0开始，已在Android和iOS中废弃，插件已失效，因此该插件也在OHOS系统中功能失效，但保留插件接口，主要兼容老版本的Android或iOS项目移植使用，如果您是新项目，无需安装该插件。</span>
+
+
+## 安装指南
+
+### 1. 基础安装（推荐）
+
+```bash
+# 安装hcordova
+npm install -g hcordova
+
+# 全平台安装
+hcordova plugin add cordova-plugin-whitelist
+```
+
+### 2. 安装指定版本
+
+如需兼容特定 Cordova 版本，可指定插件版本号：
+
+```bash
+# 安装 1.0.0 稳定版
+
+hcordova plugin add cordova-plugin-whitelist@1.0.0 --platform ohos
+```
+
+### 3. 开发版安装
+
+如需测试最新功能，可从 GitCode 仓库安装开发分支：
+
+```bash
+hcordova plugin add https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist.git --platform ohos
+```
+
+### 4. 卸载插件
+
+
+```bash
+#全平台卸载
+hcordova plugin remove cordova-plugin-whitelist
+
+#指定OHOS卸载
+hcordova plugin remove cordova-plugin-whitelist --platform ohos
+```
+
+## 核心功能说明
+
+插件通过三类白名单规则实现精细化权限控制，所有配置均在项目根目录的 `config.xml` 中完成
+
+
+| 白名单类型      | 控制范围                                                 | 配置标签                 | 适用平台      |
+| ---------- | ---------------------------------------------------- | -------------------- | --------- |
+| 网络请求白名单    | 控制应用发起的 XMLHttpRequest、WebSocket、图片 / 脚本 / 字体等资源加载请求 | `<access>`           | 所有支持平台    |
+| 导航白名单      | 控制应用内 WebView 可直接导航到的外部 URL（不跳转外部浏览器）                | `<allow-navigation>` | 所有支持平台    |
+
+## 详细配置指南
+
+### 1. 网络请求白名单（`<access>` 标签）
+
+控制应用所有网络资源加载，支持通配符、协议限制和子域名匹配。
+
+#### 基础语法
+
+```xml
+<!-- 推荐配置 -->
+<access origin="*" />
+
+<!-- 允许访问指定域名 -->
+<access origin="https://api.example.com" />
+
+<!-- 允许访问指定域名及其所有子域名 -->
+<access origin="https://*.example.com" />
+
+<!-- 允许访问所有 HTTPS/WSS 安全域名（推荐） -->
+<access origin="https://*" />
+
+<!-- 允许访问指定端口（需完整指定协议+域名+端口） -->
+<access origin="https://api.example.com:8443" />
+```
+
+### 2. 导航白名单（`<allow-navigation>` 标签）
+
+控制 WebView 可直接导航的 URL，未配置的 URL 会触发系统浏览器打开（或被拦截）。
+
+#### 常用配置
+
+
+```xml
+<!-- 推荐配置 -->
+<allow-navigation href="*" />
+
+<!-- 允许导航到应用主域名下所有路径 -->
+<allow-navigation href="https://app.example.com/*" />
+
+<!-- 允许导航到子域名 -->
+<allow-navigation href="https://*.app.example.com" />
+
+```
+
+## 许可证
+
+本插件基于 **Apache License 2.0** 开源，详见 [LICENSE](LICENSE) 文件。
+
+## 资源参考
+
+1. **OHOS**：[https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist](https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist)
+
+2. **Android、ios插件说明**：[https://www.npmjs.com/package/cordova-plugin-whitelist](https://www.npmjs.com/package/cordova-plugin-whitelist)

package/package.json

@@ -0,0 +1,29 @@
+{
+  "name": "@cordova-ohos/cordova-plugin-whitelist",
+  "version": "1.3.5",
+  "description": "Cordova whitelist Plugin",
+  "cordova": {
+    "id": "cordova-plugin-whitelist",
+    "platforms": [
+      "ohos"
+    ]
+  },
+  "repository": "gitcode:OpenHarmony-Cordova/cordova-plugin-whitelist",
+  "bugs": "https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist/issues",
+  "keywords": [
+    "cordova",
+    "whitelist",
+    "ecosystem:cordova",
+    "cordova-openharmony"
+  ],
+  "engines": {
+    "cordovaDependencies": {
+      "1.3.5": {
+        "@cordova-ohos/ohos": ">=2.0.0",
+        "hcordova":">=1.0.0"
+      }
+    }
+  },
+  "author": " Huawei Device, Inc. Ltd. and <马弓手>",
+  "license": "Apache-2.0"
+}

package/plugin.xml

@@ -0,0 +1,47 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  Copyright (c) 2025 Huawei Device, Inc. Ltd. and <马弓手>.
+ 
+  Licensed under the Apache License, Version 2.0 (the "License");
+  you may not use this file except in compliance with the License.
+  You may obtain a copy of the License at
+ 
+      http://www.apache.org/licenses/LICENSE-2.0
+ 
+  Unless required by applicable law or agreed to in writing, software
+  distributed under the License is distributed on an "AS IS" BASIS,
+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  See the License for the specific language governing permissions and
+  limitations under the License.
+-->
+<plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
+        id="cordova-plugin-whitelist"
+        version="1.3.5">
+    <name>whitelist</name>
+    <description>Cordova whitelist Plugin</description>
+    <license>Apache 2.0</license>
+    <keywords>cordova,whitelist</keywords>
+    <repo>https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist.git</repo>
+    <issue>https://gitcode.com/OpenHarmony-Cordova/cordova-plugin-whitelist/issues</issue>
+
+    <engines>
+        <engine name="@cordova-ohos/ohos" version=">=2.0.0" />
+    </engines>
+
+    <platform name="ohos">
+        <config-file target="src/main/resources/rawfile/config.xml" parent="/*" modules-targets-name="default">
+            <feature name="Whitelist">
+                <param name="android-package" value="WhitelistPlugin" />
+                <param name="onload" value="true" />
+            </feature>
+        </config-file>
+
+        <CMakeLists target="src/main/cpp/CMakeLists.txt" modules-name="cordova">
+            <param target="add_library" value="Whitelist/WhitelistPlugin.cpp"/>
+        </CMakeLists>
+
+        <source-file type="h" src="src/main/cpp/Whitelist/Whitelist.h" target-dir="src/main/cpp/Whitelist" modules-name="cordova"/>
+        <source-file type="h" src="src/main/cpp/Whitelist/WhitelistPlugin.h" target-dir="src/main/cpp/Whitelist" modules-name="cordova"/>
+        <source-file type="cpp" src="src/main/cpp/Whitelist/WhitelistPlugin.cpp" target-dir="src/main/cpp/Whitelist" modules-name="cordova"/>
+    </platform>
+</plugin>

package/src/main/cpp/Whitelist/Whitelist.h

@@ -0,0 +1,228 @@
+/*
+ * Copyright (c) 2025 Huawei Device, Inc. Ltd. and <马弓手>.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MYAPPLICATION_WHITELIST_H
+#define MYAPPLICATION_WHITELIST_H
+#include <iostream>
+#include <vector>
+#include <string>
+#include <regex>
+#include <memory>
+#include <stdexcept>
+
+class Whitelist {
+    class URLPattern {
+    public:
+        std::shared_ptr<std::regex> scheme;
+        std::shared_ptr<std::regex> host;
+        std::shared_ptr<int> port;
+        std::shared_ptr<std::regex> path;
+    private:
+        std::string regexFromPattern(const std::string& pattern, bool allowWildcards)
+        {
+            const std::string toReplace = ".[]{}()^$?+|";
+            std::string regexStr;
+            
+            for (char c : pattern) {
+                if (c == '*' && allowWildcards) {
+                    regexStr += ".";
+                } else if (toReplace.find(c) != std::string::npos) {
+                    regexStr += '\\';
+                }
+                regexStr += c;
+            }
+            return regexStr;
+        }
+    public:
+        URLPattern(const std::string& scheme, const std::string& host, const std::string& port, const std::string& path)
+        {
+            // Scheme处理
+            if (scheme.empty() || scheme == "*") {
+                this->scheme = nullptr;
+            } else {
+                std::string schemeRegex = regexFromPattern(scheme, false);
+                this->scheme = make_shared<std::regex>(schemeRegex, std::regex_constants::icase);
+            }
+            
+            // Host处理
+            if (host == "*") {
+                this->host = nullptr;
+            } else if (host.size() >= 2 && host.substr(0, 2) == "*.") {
+                std::string hostRegex = "([a-z0-9.-]*\\.)?" + regexFromPattern(host.substr(2), false);
+                this->host = make_shared<std::regex>(hostRegex, std::regex_constants::icase);
+            } else {
+                std::string hostRegex = regexFromPattern(host, false);
+                this->host = make_shared<std::regex>(hostRegex, std::regex_constants::icase);
+            }
+
+            // Port处理
+            if (port.empty() || port == "*") {
+                this->port = nullptr;
+            } else {
+                int portNum = stoi(port);
+                if (portNum < 0 || portNum > 65535) {
+                    throw std::invalid_argument("Port must be between 0 and 65535");
+                }
+                this->port = std::make_shared<int>(portNum);
+            }
+
+            // Path处理
+            if (path.empty() || path == "/*") {
+                this->path = nullptr;
+            } else {
+                std::string pathRegex = regexFromPattern(path, true);
+                this->path = make_shared<std::regex>(pathRegex);
+            }
+        }
+
+        bool matches(const std::string& uri) const
+        {
+            size_t schemeEnd = uri.find("://");
+            if (schemeEnd == std::string::npos) {
+                return false;
+            }
+
+            std::string schemeStr = uri.substr(0, schemeEnd);
+            std::string remaining = uri.substr(schemeEnd + 3);
+
+            size_t hostStart = 0;
+            size_t hostEnd = remaining.find('/');
+            std::string hostPortStr = (hostEnd == std::string::npos) ? remaining : remaining.substr(0, hostEnd);
+
+            size_t portStart = hostPortStr.find(':');
+            std::string hostStr = (portStart == std::string::npos) ? hostPortStr : hostPortStr.substr(0, portStart);
+            std::string portStr = (portStart == std::string::npos) ?"" : hostPortStr.substr(portStart + 1);
+
+            std::string pathStr = (hostEnd == std::string::npos) ?"/" : remaining.substr(hostEnd);
+
+            int portNum = -1;
+            if (!portStr.empty()) {
+                portNum = stoi(portStr);
+            }
+
+            // 检查各个部分的匹配
+            if (scheme && !regex_match(schemeStr, *scheme)) {
+                return false;
+            }
+
+            if (host && !regex_match(hostStr, *host)) {
+                return false;
+            }
+
+            if (port) {
+                if (portNum == -1) {
+                    // 如果没有明确指定端口，使用默认端口
+                    if (schemeStr == "http") portNum = 80;
+                    else if (schemeStr == "https") portNum = 443;
+                    else if (schemeStr == "ftp") portNum = 21;
+                }
+                if (portNum != *port) {
+                    return false;
+                }
+            }
+            if (path && !regex_match(pathStr, *path)) {
+                return false;
+            }
+            return true;
+        }
+    };
+    std::vector<URLPattern> whiteList;
+    bool isLimitedAccess;
+public:
+    
+    Whitelist() : isLimitedAccess(false)
+    {
+    }
+    ~Whitelist()
+    {
+    }
+
+    void addWhiteListEntry(const std::string& origin)
+    {
+        if (isLimitedAccess) {
+            return; // 已经是无限制访问模式
+        }
+        
+        // 无限制访问网络资源
+        if (origin == "*") {
+            isLimitedAccess = true;
+            whiteList.clear();
+            return;
+        }
+
+        // 特定的访问规则
+        std::regex partsRegex("^((\\*|[A-Za-z-]+):(//)?)?(\\*|((\\*\\.)?[^*/:]+))?(:(\\d+))?(/.*)?");
+        std::smatch matches;
+            
+        if (regex_match(origin, matches, partsRegex)) {
+            std::string scheme = matches[2].str();
+            std::string host = matches[4].str();
+            
+            // 特殊处理：file和content协议允许空主机
+            if ((scheme == "file" || scheme == "content") && host.empty()) {
+                host = "*";
+            }
+            
+            std::string port = matches[8].str();
+            std::string path = matches[9].str();
+
+            if (scheme.empty()) {
+                // 如果没有指定协议，默认添加http和https
+                whiteList.emplace_back("http", host, port, path);
+                whiteList.emplace_back("https", host, port, path);
+            } else {
+                whiteList.emplace_back(scheme, host, port, path);
+            }
+        }
+    }
+
+    bool isUrlWhiteListed(const std::string& uri) const
+    {
+        // 如果是无限制访问模式
+        if (isLimitedAccess) {
+            return true;
+        }
+
+        // 在白名单中查找匹配
+        for (const auto& pattern : whiteList) {
+            if (pattern.matches(uri)) {
+                return true;
+            }
+        }
+        
+        return false;
+    }
+
+    // 清空白名单
+    void clear()
+    {
+        whiteList.clear();
+        isLimitedAccess = false;
+    }
+
+    // 获取白名单大小
+    size_t size() const
+    {
+        return whiteList.size();
+    }
+
+    // 检查是否是无限制访问模式
+    bool isUnlimited() const
+    {
+        return isLimitedAccess;
+    }
+};
+#endif //MYAPPLICATION_WHITELIST_H

package/src/main/cpp/Whitelist/WhitelistPlugin.cpp

@@ -0,0 +1,42 @@
+/*
+ * Copyright (c) 2025 Huawei Device, Inc. Ltd. and <马弓手>.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "WhitelistPlugin.h"
+#include "CordovaViewController.h"
+
+REGISTER_PLUGIN_CLASS(WhitelistPlugin)
+bool WhitelistPlugin::execute(const std::string& action, cJSON* args, CallbackContext cbc)
+{
+    return true;
+}
+
+void WhitelistPlugin::pluginInitialize()
+{
+    std::vector<std::string>& vecHostName = *(reinterpret_cast<CordovaViewController*>(Application::g_cordovaViewController))->getConfigHostName();
+    for (int i = 0; i < vecHostName.size(); i++) {
+        if (vecHostName[i] == "*") {
+            m_whitelist.addWhiteListEntry("*");
+        } else {
+            m_whitelist.addWhiteListEntry(vecHostName[i]);
+        }
+    }
+    return;
+}
+
+bool WhitelistPlugin::shouldAllowRequest(const std::string& url)
+{
+    return m_whitelist.isUrlWhiteListed(url);
+}

package/src/main/cpp/Whitelist/WhitelistPlugin.h

@@ -0,0 +1,34 @@
+/*
+ * Copyright (c) 2025 Huawei Device, Inc. Ltd. and <马弓手>.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef MYAPPLICATION_WHITELISTPLUGIN_H
+#define MYAPPLICATION_WHITELISTPLUGIN_H
+
+#include "CordovaPlugin.h"
+#include "Whitelist.h"
+class WhitelistPlugin : public CordovaPlugin {
+    Whitelist m_whitelist;
+public:
+    WhitelistPlugin() {
+    }
+    ~WhitelistPlugin() {
+    }
+    bool execute(const std::string& action, cJSON* args, CallbackContext cbc) override;
+    void pluginInitialize() override;
+    bool shouldAllowRequest(const std::string& url) override;
+};
+
+#endif //MYAPPLICATION_WHITELISTPLUGIN_H