I am facing the problem "MyViewcontroller using a NULL baseURL argument with the loadHTMLString baseURL method : data theorem"- i have successfully completed my task and all are working fine.
The Issue was in the OSWAP security scan for vulnerability it shows the above error.
My code snippet:-
NSString *aHtmlString = kEmptyString;
// Getting the bool from configuration plist
NSString *thePlistPath = [[NSBundle mainBundle] pathForResource:@"config" ofType:@"plist"];
NSDictionary *theURLdata = [[NSDictionary alloc] initWithContentsOfFile:thePlistPath];
is
ServerFAQAvailable = [[theURLdata valueForKey:kIsServerFAQAvailableKey] boolValue];
if (one || two || three) {
aHtmlString = [self loadFAQFor];
} else {
aHtmlString = [self loadFAQForwithout];
}
NSURL *baseURL = [NSURL fileURLWithPath:thePlistPath];
[self.faqWebView loadHTMLString:aHtmlString baseURL:baseURL];
Update:
if (one || two || three) {
aHtmlString = [self loadFAQFor];
} else {
aHtmlString = [self loadFAQForwithout];
}
NSURL *baseURL = [NSURL fileURLWithPath:@"about:blank"];
[self.faqWebView loadHTMLString:aHtmlString baseURL:baseURL];
Still shows me scan issue
The issue is the baseURL:
parameter. BaseURL isn't needed for an html string, it is usually used for relative links. If all you're trying to do is show some html, are you sure you need it?
The security issue flagged makes sense (my understanding, roughly): If a webview's baseURL is set to the local file system, then a page loaded (eventually) through that webview could access local resources.
Try passing nil for baseURL:
should silence this warning.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With