[flutter_inappwebview_android] Fix Android Java deprecation warnings (batch 1)

[Khairul989]

Connection with issue(s)

Resolve issue #2641
Resolve issue #2685

Connected to #1627

Summary

First batch of mechanical, low-risk fixes for the Android javac deprecation warnings reported against the flutter_inappwebview_android package when compiling with compileSdk 36 and Java 17.

Changes

1. new Long(String) → Long.parseLong(String)
   • MyCookieManager.java (cookie expiresDate parsing)
2. new Handler() → new Handler(Looper.getMainLooper())
   • InAppWebView.java static mHandler (Looper was already imported)
3. Pre-LOLLIPOP CookieSyncManager fallbacks — calls were already SDK-gated inside Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP branches. Added @SuppressWarnings("deprecation") on the enclosing methods to silence the warnings without changing behavior on minSdk 19/20:
   • MyCookieManager.java: setCookie, deleteCookie, deleteCookies, deleteAllCookies, removeSessionCookies, flush
   • InAppWebViewClient.onPageFinished
   • InAppWebViewClientCompat.onPageFinished
4. CookieManager.removeSessionCookie() / removeAllCookie()
   • Two previously ungated removeSessionCookie() calls in InAppWebView.java (the clearSessionCache setting path, in both setSettings and setNewSettings) are now routed through a new private clearSessionCookies() helper that calls removeSessionCookies(null) on API 21+ and falls back to the deprecated sync variant on pre-LOLLIPOP.
   • setIncognito and clearCookies in InAppWebView.java already had the correct SDK gate for removeAllCookie(); annotated with @SuppressWarnings("deprecation").

Warning count (debug build of flutter_inappwebview/example/ with compileSdk 36, Java 17, -Xlint:deprecation -Xlint:unchecked)

Measured via ./gradlew :flutter_inappwebview_android:compileDebugJavaWithJavac --rerun-tasks with an init script adding the -Xlint flags.

	javac warning: [...] count
master (before)	266
this branch (after)	213
eliminated	53

Categories eliminated: all CookieSyncManager (createInstance, startSync, stopSync, sync), all Handler(), all new Long(String), all CookieManager.removeAllCookie / removeSessionCookie.

Testing and Review Notes

• No public API changes. No flutter_inappwebview_platform_interface contract touched. No code generation needed.
• minSdkVersion is 19, so CookieSyncManager / removeAllCookie() / removeSessionCookie() must still compile and run on API 19–20. All deprecated calls are preserved behind a Build.VERSION.SDK_INT < Build.VERSION_CODES.LOLLIPOP check.
• On API 21+, behavior is unchanged for setIncognito and clearCookies (already using removeAllCookies(...)).

⚠️ Semantic note worth reviewer attention

The new clearSessionCookies() helper uses CookieManager.removeSessionCookies(null) on API 21+, which is asynchronous, whereas the previous code called removeSessionCookie() synchronously. The call site is the clearSessionCache settings path (InAppWebView.java in setSettings / setNewSettings) — it is fire-and-forget, so no downstream code in this plugin awaits completion. If reviewers want to preserve strict sync semantics, passing a ValueCallback that completes a latch is possible, but I don't think any caller depends on sync clearing here.

Verification steps for reviewers

cd flutter_inappwebview/example/android
# optional: echo "org.gradle.jvmargs=-Xmx4G" replacement in gradle.properties if OOM
./gradlew :flutter_inappwebview_android:compileDebugJavaWithJavac --rerun-tasks \
  --init-script <(echo 'allprojects { tasks.withType(JavaCompile).configureEach { options.compilerArgs.addAll(["-Xlint:deprecation","-Xlint:unchecked"]) } }') \
  2>&1 | grep -cE "warning: \[(deprecation|unchecked)\]"

Out of scope (deferred to follow-up PRs)

These are intentionally not in this batch because they change behavior or public API:

• setForceDark / setForceDarkStrategy → setAlgorithmicDarkeningAllowed
• setSaveFormData / setSavePassword (no-ops on modern APIs)
• SYSTEM_UI_FLAG_* → WindowInsetsController
• AbsoluteLayout.LayoutParams
• NARROW_COLUMNS (public LayoutAlgorithm enum)
• Bundle.getSerializable(String) → (String, Class) (API 33)
• createPrintDocumentAdapter() (no-arg)
• SAFE_BROWSING_WHITELIST / setSafeBrowsingWhitelist → …Allowlist (AndroidX)
• setAllowFileAccessFromFileURLs / setAllowUniversalAccessFromFileURLs (security, see Bug Report / Security Concern: Deprecated setAllowUniversalAccessFromFileURLs Used (Insecure File Access) #2700)
• Edge-to-edge Window APIs — already addressed by fix: skip deprecated navigation bar color APIs on Android 15 (API 35) #2729

Screenshots or Videos

N/A (no UI changes).

To Do

• double check the original issue to confirm it is fully satisfied
• add testing notes and screenshots in PR description to help guide reviewers
• request the "UX" team perform a design review (not applicable)

[arrrrny]

Hey @Khairul989! We've applied parts of your deprecation warning cleanup batch (#2817) into the zikzak_inappwebview fork — including the new Handler(Looper.getMainLooper()) fix, the clearSessionCookies() helper, and @SuppressWarnings("deprecation") annotations on the WebView client classes. Note that some of the fixes were already in place since our fork had already diverged. Thanks for the contribution! 🚀

https://github.com/arrrrny/zikzak_inappwebview