Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Fixed
-
None
-
None
-
iOS
Description
Basically the default for the access tag, if it's not present is the wildcard "*"
It's as if this tag is there if not present:
<access origin="*" />
ML thread: http://markmail.org/message/j3kd4lug65jdiiba
From Carlos:
But we need better docs to explain the differences between legacy-whitelist and whitelist And more detailed explanation on how to create a proper config.xml that works across the board for ios and android. What about windows? Also to look on how to have a good config.xml in hello-world template, since most users will start with this first and I would like to be secure by default and they open. meaning rely on CSP, and only use config.xml for x, y, z