You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by ag...@apache.org on 2015/03/03 03:33:07 UTC

cordova-plugins git commit: Tweak url-policy readme

Repository: cordova-plugins
Updated Branches:
  refs/heads/master 9e6a77805 -> 1f5aa23f9


Tweak url-policy readme


Project: http://git-wip-us.apache.org/repos/asf/cordova-plugins/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-plugins/commit/1f5aa23f
Tree: http://git-wip-us.apache.org/repos/asf/cordova-plugins/tree/1f5aa23f
Diff: http://git-wip-us.apache.org/repos/asf/cordova-plugins/diff/1f5aa23f

Branch: refs/heads/master
Commit: 1f5aa23f9eb878a9f4bb15bf0cc64f255cbb7947
Parents: 9e6a778
Author: Andrew Grieve <ag...@chromium.org>
Authored: Mon Mar 2 21:32:59 2015 -0500
Committer: Andrew Grieve <ag...@chromium.org>
Committed: Mon Mar 2 21:32:59 2015 -0500

----------------------------------------------------------------------
 url-policy/README.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-plugins/blob/1f5aa23f/url-policy/README.md
----------------------------------------------------------------------
diff --git a/url-policy/README.md b/url-policy/README.md
index b5db680..b27a948 100644
--- a/url-policy/README.md
+++ b/url-policy/README.md
@@ -30,6 +30,7 @@ other schemes, you must add `<allow-navigation>` tags to your `config.xml`:
 
 ## Intent Whitelist
 Controls which URLs the app is allowed to ask the system to open.
+By default, no external URLs are allowed.
 
 On Android, this equates to sending an intent of type BROWSEABLE.
 
@@ -81,9 +82,9 @@ In `config.xml`, add `<access>` tags, like this:
     <access origin="*" />
 
 ### Content Security Policy
-The network whitelist is not able to filter all types of requests (e.g.
+On Android and iOS, the network whitelist is not able to filter all types of requests (e.g.
 `<video>` & WebSockets are not blocked). So, in addition to the whitelist,
- you use a [Content Security Policy](http://content-security-policy.com/) `<meta>` tag
+you should use a [Content Security Policy](http://content-security-policy.com/) `<meta>` tag
 on all of your pages.
 
 On Android, support for CSP within the system webview starts with KitKat.


---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org