cordova-plugins git commit: Update url-policy README to describe tag for non CSP webviews

[mm...@apache.org]

Repository: cordova-plugins
Updated Branches:
  refs/heads/master f7019821e -> 3ed17046e


Update url-policy README to describe <access> tag for non CSP webviews


Project: http://git-wip-us.apache.org/repos/asf/cordova-plugins/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-plugins/commit/3ed17046
Tree: http://git-wip-us.apache.org/repos/asf/cordova-plugins/tree/3ed17046
Diff: http://git-wip-us.apache.org/repos/asf/cordova-plugins/diff/3ed17046

Branch: refs/heads/master
Commit: 3ed17046ea7efaeccda4c4ffe82bb351e8b966f1
Parents: f701982
Author: Michal Mocny <mm...@gmail.com>
Authored: Tue Mar 3 13:11:18 2015 -0500
Committer: Michal Mocny <mm...@gmail.com>
Committed: Tue Mar 3 13:11:18 2015 -0500

----------------------------------------------------------------------
 url-policy/README.md | 2 ++
 1 file changed, 2 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/3ed17046/url-policy/README.md
----------------------------------------------------------------------
diff --git a/url-policy/README.md b/url-policy/README.md
index b27a948..84d6e75 100644
--- a/url-policy/README.md
+++ b/url-policy/README.md
@@ -61,6 +61,8 @@ In `config.xml`, add `<allow-intent>` tags, like this:
 ## Network Request Whitelist
 Controls which network requests (images, XHRs, etc) are allowed to be made.
 
+Note: Please use a Content Security Policy (see below) instead (or also), since it is more secure.  This whitelist is mostly historical for webviews which do not support CSP.
+
 By default, only requests to `file://` URLs are allowed.
 
 In `config.xml`, add `<access>` tags, like this:


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org