通过买单吧 app 进行校园卡提额时需要填写家长的手机号等信息,而填写 166 号段手机号会提示手机号格式有误(下图).
QQ图片20191122104648.jpg
怀疑是验证手机号的正则表达式没有考虑到 166 号段的情况.

写一个 xposed 模块拦截买单吧 app 的 webview 资源加载:

    @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
        if (!lpparam.packageName.equals("com.bankcomm.maidanba")) { // 买单吧包名.
            return;
        }

        XposedHelpers.findAndHookMethod(WebViewClient.class, "shouldInterceptRequest", WebView.class, WebResourceRequest.class, new XC_MethodHook() {

            @Override
            protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
                WebResourceRequest request = (WebResourceRequest) param.args[1];

                XposedBridge.log(request.getUrl().toString()); // 把 url 写入 log.

                super.beforeHookedMethod(param);
            }
        });

查看 xposed log,发现有如下几条资源加载 log:

11-20 16:23:28.604 I/Xposed  (26381): https://creditcardapp.bankcomm.com/cbwsFfwbCrliWeb/mobile/resource/css/pui.bankcomm.min.css?v=2019101822
11-20 16:23:28.605 I/Xposed  (26381): https://creditcardapp.bankcomm.com/cbwsFfwbCrliWeb/mobile/resource/css/schoolraiselimit/schoolCard.css?v=2019101822
11-20 16:23:28.605 I/Xposed  (26381): https://creditcardapp.bankcomm.com/cbwsFfwbCrliWeb/mobile/resource/js/schoolraiselimit/jquery-2.2.4.min.js?v=2019101822
11-20 16:23:28.608 I/Xposed  (26381): https://creditcardapp.bankcomm.com/cbwsFfwbCrliWeb/mobile/resource/js/schoolraiselimit/schoolCard.js?v=2019101822
11-20 16:23:29.103 I/Xposed  (26381): https://track.bankcomm.com:8443/nctrack/js/nctrack10.js
11-20 16:23:29.107 I/Xposed  (26381): https://creditcard.bankcomm.com/tdsdk/js/td-h5-hybrid-sdk-event.js
11-20 16:23:29.527 I/Xposed  (26381): https://creditcardapp.bankcomm.com/favicon.ico

其中,schoolCard.js 比较可疑,查看下源码(截取部分):


    //填写信息页面
    $(".next-btn").on("click", function(e){
        var _this = $(this);
        if(_this.hasClass("disabled")){
            return false;
        }
        else if (pcccValid.formSubmit(e, pcccValid.nullval)){
            if(pcccValid.validForm()){
                var parentName = $("#parentName").val();
                var parentCertNo = $("#parentCertNo").val();
                var parentPhoneNumber = $("#parentPhoneNumber").val();
                $.ajax({
                    type: 'post',
                    url: base+'/member/adjust/limit/schoolResult.json',
                    data:{"cardNo":cardNo,"parentName":parentName,"parentCertNo":parentCertNo,"parentPhoneNumber":parentPhoneNumber},
                    dataType: 'json',
                    success: function(result){
                        if (result.code=="0") {
                            $("#creditPop").show();
                        }else{
                            window.location.href = base+"/member/adjust/limit/parent/raise/failureJump.html?code="+result.code+"&cdaRsnCode="+result.CdaRsnCode;
                        }
                    }
                });
            }
        }
    });

pcccValid.validForm() 应该是判断输入是否合法的函数,注释掉这一行.后用 xposed 模块拦截此 js,替换成注释后的源码:


    @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
        if (!lpparam.packageName.equals("com.bankcomm.maidanba")) {
            return;
        }

        XposedHelpers.findAndHookMethod(WebViewClient.class, "shouldInterceptRequest", WebView.class, WebResourceRequest.class, new XC_MethodHook() {

            @Override
            protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
                WebResourceRequest request = (WebResourceRequest) param.args[1];

                XposedBridge.log(request.getUrl().toString());

                if (request.getUrl().toString().contains("schoolCard.js")) {
                    param.setResult(replacePage());
                    XposedBridge.log("replace ok");
                }

                super.beforeHookedMethod(param);
            }
        });
    private WebResourceResponse replacePage() {

        InputStream inputStream = new ByteArrayInputStream(CONTENT.getBytes());
        return new WebResourceResponse("", "utf-8", inputStream);
    }

重启手机,重新提交提额申请,成功.
QQ图片20191122105624.png

家长的 166 手机号收到短信后,成功提额.

其他

我在这篇文章编写前数次指点交行客服,说明无法验证手机号的情况.而客服给到的回复却是"无法验证 166 号段少是正常的,建议我换一个手机号验证".这就很有趣了,明明是自身的问题,却让用户自行想办法解决.这就是所谓的解决不了问题,就解决提出问题的人吗?