You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by mw...@apache.org on 2012/05/19 00:27:25 UTC

[1/2] docs commit: Add content to White List guide.

Updated Branches:
  refs/heads/master 6c51b2bbe -> 59c14cc29


Add content to White List guide.


Project: http://git-wip-us.apache.org/repos/asf/incubator-cordova-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-cordova-docs/commit/59c14cc2
Tree: http://git-wip-us.apache.org/repos/asf/incubator-cordova-docs/tree/59c14cc2
Diff: http://git-wip-us.apache.org/repos/asf/incubator-cordova-docs/diff/59c14cc2

Branch: refs/heads/master
Commit: 59c14cc29148e03a88413725e714a2e1d292f1ed
Parents: 4146452
Author: Michael Brooks <mi...@michaelbrooks.ca>
Authored: Fri May 18 15:20:55 2012 -0700
Committer: Michael Brooks <mi...@michaelbrooks.ca>
Committed: Fri May 18 15:21:14 2012 -0700

----------------------------------------------------------------------
 docs/en/edge/guide/white-list/index.md |   72 ++++++++++++++++++--------
 1 files changed, 50 insertions(+), 22 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-cordova-docs/blob/59c14cc2/docs/en/edge/guide/white-list/index.md
----------------------------------------------------------------------
diff --git a/docs/en/edge/guide/white-list/index.md b/docs/en/edge/guide/white-list/index.md
index c9e9c22..77a4def 100644
--- a/docs/en/edge/guide/white-list/index.md
+++ b/docs/en/edge/guide/white-list/index.md
@@ -20,40 +20,68 @@ license: Licensed to the Apache Software Foundation (ASF) under one
 White List Guide
 ================
 
-This guide will introduce you to Cordova's newest addition: Whitelists. It's intention is to be simple and easy to understand so new and senior Cordova developers can avoid errors while upgrading a project or creating a new one.
+Overview
+--------
 
-Why was this introduced?
-------------------------
+White Listing in Apache Cordova is a security model that controls access to outside domains, such as `http://google.com`. The default security policy is to block all network access. The application developer can then delcare access to specific network domains and subdomains.
 
-A question I asked myself as soon as I got a error while debugging a project after upgrading to 1.6.1.
+Specification
+-------------
 
-This feature was introduced, for developers that weren't sanitizing their links, as to prevent an app state where there is no way back.
+White Listing lays the ground work for the [W3C Widget Access][1] specification. In the Widget Access specification, the `<access>` element is used to declare access to specific network domains. In the future, Apache Cordova will abstract White Listing with the W3C Widget Access specification.
 
-Its current status
-------------------
+Syntax
+------
 
- * **iOS**: Full whitelist support
- * **Android**: Unknown
- * **Windows Phone**: Unknown
- * **BlackBerry**: Unknown
- * **WebOS, Symbian, Bada**: Unknown
+Access to [google.com][2]:
 
-How to edit the whitelist?
---------------------------
+    http://google.com
 
-**iOS**
+Access to the secure [google.com][3] (`https://`):
 
-The easiest way of doing this is by going to your project's *cordova.plist* file and adding a new *String* to the *ExternalHosts* key. That's all!
+    https://google.com
+
+Access to the subdomain [maps.google.com][4]:
+
+    http://maps.google.com
+
+Access to all the subdomains on [google.com][2] (e.g. [mail.google.com][5] and [docs.google.com][6]):
 
-How should a whitelist key look like?
--------------------------------------
+    http://*.google.com
 
-For example, if you want to add [google.com][1] to your whitelist all you have to do is add a new key, as described above, with the following value: `google.com`
+Access to all domains (e.g. [google.com][2] and [developer.mozilla.org][7]):
 
-**Wildcards**
+    *
 
-You can also use wildcards on whitelist keys. If you want to enable all domains possible it's easy, just add a key with the value `*`. If you want to add all the sub-domains to the whitelist, just add a key with a value like this: `*.domain.com`.
+Android
+-------
+
+Bada
+----
+
+BlackBerry
+----------
+
+iOS
+---
+
+The easiest way of doing this is by going to your project's *cordova.plist* file and adding a new *String* to the *ExternalHosts* key. That's all!
 
 Be warned that you should not include a full URL, with the `http://` part, just the sub-domain/domain, like on the examples.
 
-[1]: http://google.com
+Symbian
+-------
+
+webOS
+-----
+
+Windows Phone
+-------------
+
+[1]: http://www.w3.org/TR/widgets-access/
+[2]: http://google.com
+[3]: https://google.com
+[4]: http://maps.google.com
+[5]: http://mail.google.com
+[6]: http://docs.google.com
+[7]: http://developer.mozilla.org