@quiltt/react-native 3.6.7 → 3.6.8

package/CHANGELOG.md

@@ -1,5 +1,15 @@
 # @quiltt/react-native
 
+## 3.6.8
+
+### Patch Changes
+
+- [#258](https://github.com/quiltt/quiltt-js/pull/258) [`dc97e95`](https://github.com/quiltt/quiltt-js/commit/dc97e95dfa73bc1ccf09add6af70e4f95a458fab) Thanks [@rubendinho](https://github.com/rubendinho)! - Add URLs to WebView allowList
+
+- Updated dependencies [[`dc97e95`](https://github.com/quiltt/quiltt-js/commit/dc97e95dfa73bc1ccf09add6af70e4f95a458fab)]:
+  - @quiltt/core@3.6.8
+  - @quiltt/react@3.6.8
+
 ## 3.6.7
 
 ### Patch Changes

package/dist/index.cjs

@@ -11,7 +11,7 @@ var reactNative = require('react-native');
 var util = require('@honeybadger-io/core/build/src/util');
 
 // Generated by genversion.
-const version = '3.6.7';
+const version = '3.6.8';
 
 const AndroidSafeAreaView = ({ testId, children })=>/*#__PURE__*/ jsxRuntime.jsx(reactNative.SafeAreaView, {
         testID: testId,
@@ -320,14 +320,20 @@ const QuilttConnector = ({ testId, connectorId, connectionId, institution, oauth
         session?.token
     ]);
     // allowedListUrl & shouldRender ensure we are only rendering Quiltt, MX and Plaid content in Webview
-    // For other urls, we assume those are bank urls, which needs to be handle in external browser.
+    // For other urls, we assume those are bank urls, which need to be handled in external browser.
     // TODO: Convert it to a list from Quiltt Server to prevent MX/ Plaid changes.
     const allowedListUrl = react$1.useMemo(()=>[
+            'quiltt.io',
             'quiltt.app',
             'quiltt.dev',
             'moneydesktop.com',
-            'cdn.plaid.com',
-            'www.google.com'
+            'plaid.com',
+            'https://cdn.plaid.com/link',
+            'https://www.google.com/recaptcha',
+            'https://challenges.cloudflare.com',
+            'https://api.stripe.com',
+            'https://cdn.jsdelivr.net',
+            'https://auth0.com'
         ], []);
     const isQuilttEvent = react$1.useCallback((url)=>url.protocol === 'quilttconnector:', []);
     const shouldRender = react$1.useCallback((url)=>{

package/dist/index.js

@@ -10,7 +10,7 @@ import { StyleSheet, Platform, StatusBar, SafeAreaView, View, Text, Pressable, A
 import { generateStackTrace, makeBacktrace, getCauses } from '@honeybadger-io/core/build/src/util';
 
 // Generated by genversion.
-const version = '3.6.7';
+const version = '3.6.8';
 
 const AndroidSafeAreaView = ({ testId, children })=>/*#__PURE__*/ jsx(SafeAreaView, {
         testID: testId,
@@ -319,14 +319,20 @@ const QuilttConnector = ({ testId, connectorId, connectionId, institution, oauth
         session?.token
     ]);
     // allowedListUrl & shouldRender ensure we are only rendering Quiltt, MX and Plaid content in Webview
-    // For other urls, we assume those are bank urls, which needs to be handle in external browser.
+    // For other urls, we assume those are bank urls, which need to be handled in external browser.
     // TODO: Convert it to a list from Quiltt Server to prevent MX/ Plaid changes.
     const allowedListUrl = useMemo(()=>[
+            'quiltt.io',
             'quiltt.app',
             'quiltt.dev',
             'moneydesktop.com',
-            'cdn.plaid.com',
-            'www.google.com'
+            'plaid.com',
+            'https://cdn.plaid.com/link',
+            'https://www.google.com/recaptcha',
+            'https://challenges.cloudflare.com',
+            'https://api.stripe.com',
+            'https://cdn.jsdelivr.net',
+            'https://auth0.com'
         ], []);
     const isQuilttEvent = useCallback((url)=>url.protocol === 'quilttconnector:', []);
     const shouldRender = useCallback((url)=>{

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@quiltt/react-native",
-  "version": "3.6.7",
+  "version": "3.6.8",
   "description": "React Native components for Quiltt Connector",
   "homepage": "https://github.com/quiltt/quiltt-js/tree/main/packages/react-native#readme",
   "repository": {
@@ -27,8 +27,8 @@
   ],
   "dependencies": {
     "@honeybadger-io/core": "6.6.0",
-    "@quiltt/core": "3.6.7",
-    "@quiltt/react": "3.6.7"
+    "@quiltt/core": "3.6.8",
+    "@quiltt/react": "3.6.8"
   },
   "devDependencies": {
     "@apollo/client": "3.9.9",

package/src/components/QuilttConnector.tsx

@@ -87,10 +87,22 @@ const QuilttConnector = ({
   }, [connectionId, connectorId, institution, session?.token])
 
   // allowedListUrl & shouldRender ensure we are only rendering Quiltt, MX and Plaid content in Webview
-  // For other urls, we assume those are bank urls, which needs to be handle in external browser.
+  // For other urls, we assume those are bank urls, which need to be handled in external browser.
   // TODO: Convert it to a list from Quiltt Server to prevent MX/ Plaid changes.
   const allowedListUrl = useMemo(
-    () => ['quiltt.app', 'quiltt.dev', 'moneydesktop.com', 'cdn.plaid.com', 'www.google.com'],
+    () => [
+      'quiltt.io',
+      'quiltt.app',
+      'quiltt.dev',
+      'moneydesktop.com',
+      'plaid.com',
+      'https://cdn.plaid.com/link',
+      'https://www.google.com/recaptcha',
+      'https://challenges.cloudflare.com',
+      'https://api.stripe.com',
+      'https://cdn.jsdelivr.net',
+      'https://auth0.com',
+    ],
     []
   )
 

package/src/version.ts

@@ -1,2 +1,2 @@
 // Generated by genversion.
-export const version = '3.6.7'
+export const version = '3.6.8'