[CB-7348] [WKWebView] pages that are loaded using file:/// urls respect CORS - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Sub-task
Status: Closed
Priority: Major
Resolution: Not A Problem
Affects Version/s: None
Fix Version/s: None
Component/s: cordova-ios
Labels:
- cordova-ios-4.0.x
Environment:

iOS 8

Description

Not a complaint but an advisory, this is the opposite of what happens in a UIWebView, where a page loaded locally is not restricted to CORS and can do whatever it wants.

Try xhr to a local server using: https://gist.github.com/enjalot/2904124

Note that it works with the wildcard of course. By default, file:// urls give the Origin: header as null.

The only solution is, the destination server MUST return the header "Access-Control-Allow-Origin" that matches the wildcard or "null".

So what is the alternative? Run a local proxy. The PhoneGap Developer App does this transparently: https://github.com/phonegap/phonegap-app-developer by overriding XMLHttpRequest.open

Attachments

Activity

People

Assignee:: Shazron Abdullah

Reporter:: Shazron Abdullah

Votes:: 1 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 20/Aug/14 20:36

Updated:: 23/Aug/18 07:10

Resolved:: 11/Sep/15 22:31