[GitHub] [cordova] breautek commented on issue #289: Content Security Policy causing problems on iPhone

[GitBox <gi...@apache.org>]

breautek commented on issue #289:
URL: https://github.com/apache/cordova/issues/289#issuecomment-855295488


   That isn't  a content security issue, its cors issue (two independent browser security features).
   
   Cors is a backend server configuration thing. If you're hitting an external server, then you must configure the server to respond to the request with the appropriate headers. I have a [blog post](https://breautek.com/articles/enabling-cors.html) that goes into more detail.
   
   If you're hitting a local endpoint, such as attempting to load an angular template for example, then you must either enable schemes[1] or use an xhr fix plugin[2].
   
   [1] schemes were introduced as part of the UIwebview to wkwebview migration: https://cordova.apache.org/howto/2020/07/18/uiwebview-warning.html
   
   OR
   
   [2] https://github.com/oracle/cordova-plugin-wkwebview-file-xhr
   
   Since this isn't a bug I'll be closing this issue. If you require more assistance, our [slack](http://slack.cordova.io/) community can help you out. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org