You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cordova.apache.org by "Tony Homer (JIRA)" <ji...@apache.org> on 2016/05/16 15:03:41 UTC

[jira] [Created] (CB-11271) [QUESTION] Is whitelist intent filter working as intended?

Tony Homer created CB-11271:
-------------------------------

             Summary: [QUESTION] Is whitelist intent filter working as intended?
                 Key: CB-11271
                 URL: https://issues.apache.org/jira/browse/CB-11271
             Project: Apache Cordova
          Issue Type: Improvement
          Components: iOS
            Reporter: Tony Homer
            Assignee: Shazron Abdullah


In 3.8.0, given an intent directive like 
{code}
<allow-intent href="tel:*" />
{code}
, interacting with any of the following elements would result in tel: requests that would all be allowed:
{code}
<a id="tel-button" href="tel:777777777">do tel with a.href</a>

<a id="tel-a-onclick" onclick="document.location.href='tel:777777777';">do tel with a.onclick</a>

<button id="tel-button" onclick="document.location.href='tel:777777777;'">do tel with button.onclick</button>
{code}

However, in 4.1.1, only the first interaction will be allowed.
This is because intent directives are only applied to the UIWebViewNavigationTypeLinkClicked navigationType (the navigationType for the second and third examples is UIWebViewNavigationTypeOther).

Is this working as intended?

It seems that either the whitelist intent filter in 4+ is not working as intended or, if working as intended, the documentation should be improved to spell out this case.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org