You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by fi...@apache.org on 2013/02/04 08:58:49 UTC
docs commit: CB-2229: defaults for whitelist are to allow all. added more detail to windows phone documentation

Updated Branches:
  refs/heads/master a1c4729ac -> c11bec193


CB-2229: defaults for whitelist are to allow all. added more detail to windows phone documentation


Project: http://git-wip-us.apache.org/repos/asf/cordova-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-docs/commit/c11bec19
Tree: http://git-wip-us.apache.org/repos/asf/cordova-docs/tree/c11bec19
Diff: http://git-wip-us.apache.org/repos/asf/cordova-docs/diff/c11bec19

Branch: refs/heads/master
Commit: c11bec193cbf15030b9c55b19c8803b74ec2b789
Parents: a1c4729
Author: Fil Maj <ma...@gmail.com>
Authored: Mon Feb 4 00:02:24 2013 -0800
Committer: Fil Maj <ma...@gmail.com>
Committed: Mon Feb 4 00:02:24 2013 -0800

----------------------------------------------------------------------
 docs/en/edge/guide/whitelist/index.md |   18 ++++++++++++++----
 1 files changed, 14 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-docs/blob/c11bec19/docs/en/edge/guide/whitelist/index.md
----------------------------------------------------------------------
diff --git a/docs/en/edge/guide/whitelist/index.md b/docs/en/edge/guide/whitelist/index.md
index 0766a07..bfcb4a9 100644
--- a/docs/en/edge/guide/whitelist/index.md
+++ b/docs/en/edge/guide/whitelist/index.md
@@ -23,7 +23,9 @@ Domain Whitelist Guide
 Overview
 --------
 
-Domain whitelisting in Apache Cordova is a security model that controls access to outside domains, such as `http://google.com`. The default security policy is to block all network access. The application developer can then declare access to specific network domains and subdomains.
+Domain whitelisting in Apache Cordova is a security model that controls access to outside domains, such as `http://google.com`.
+
+The default security policy is to allow all network access. Before moving your application to production, it is advised to review your application's whitelist. The application developer is encouraged to declare access to specific network domains and subdomains.
 
 Specification
 -------------
@@ -128,10 +130,18 @@ webOS
 
 Domain whitelisting is unsupported on webOS. By default, all domains are accessible.
 
-Windows Phone
--------------
+Windows Phone (7 & 8)
+---------------------
+
+The whitelisting rules are found in `config.xml` and declared with the element `<access origin="..." />`.
+
+Android has full support for the whitelisting syntax.
 
-Domain whitelisting is unsupported on Windows Phone. By default, all domains are accessible.
+### Syntax
+
+Access to [google.com][2]:
+
+    <access origin="http://google.com" />
 
 Tizen
 ----------