[CB-10324] Derive whitelist tags from CSP - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Won't Do
Affects Version/s: 4.0.1
Fix Version/s: None
Component/s: cordova-android, cordova-ios
Labels:
None

Description

When dynamically creating an iframe, the iframe's src is never loaded. This worked without issues using 3.9.2.

Example Code:

i = document.createElement("iframe");
i.src = "https://example.org";
document.body.appendChild(i);

Please note, that you have to extend the Content-Security-Policy headers to include https: to pass CSP restrictions.

I have also created a sample project to reproduce the problem. You may find it at https://github.com/schmidt/cordova-ios-iframe-example

Attachments

Activity

People

Assignee:: Unassigned

Reporter:: Gregor Schmidt

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 12/Jan/16 12:20

Updated:: 29/Nov/19 12:46

Resolved:: 29/Nov/19 12:46