You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Shazron Abdullah (JIRA)" <ji...@apache.org> on 2014/09/17 22:49:34 UTC
[jira] [Updated] (CB-7348) [WKWebView] pages that are loaded using
file:/// urls respect CORS
[ https://issues.apache.org/jira/browse/CB-7348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shazron Abdullah updated CB-7348:
---------------------------------
Summary: [WKWebView] pages that are loaded using file:/// urls respect CORS (was: WKWebView pages that are loaded using file:/// urls respect CORS)
> [WKWebView] pages that are loaded using file:/// urls respect CORS
> ------------------------------------------------------------------
>
> Key: CB-7348
> URL: https://issues.apache.org/jira/browse/CB-7348
> Project: Apache Cordova
> Issue Type: Sub-task
> Components: iOS
> Environment: iOS 8
> Reporter: Shazron Abdullah
>
> Not a complaint but an advisory, this is the opposite of what happens in a UIWebView, where a page loaded locally is not restricted to CORS and can do whatever it wants.
> Try xhr to a local server using: https://gist.github.com/enjalot/2904124
> Note that it works with the wildcard of course. By default, file:// urls give the Origin: header as null.
> The only solution is, the destination server MUST return the header "Access-Control-Allow-Origin" that matches the wildcard or "null".
> So what is the alternative? Run a local proxy. The PhoneGap Developer App does this transparently: https://github.com/phonegap/phonegap-app-developer by overriding XMLHttpRequest.open
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)