You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Jacob Weber (JIRA)" <ji...@apache.org> on 2016/03/04 00:42:18 UTC

[jira] [Updated] (CB-10778) Documentation inaccurate

     [ https://issues.apache.org/jira/browse/CB-10778?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jacob Weber updated CB-10778:
-----------------------------
    Description: 
h3. Issue 1:
https://github.com/apache/cordova-plugin-whitelist states:

"Intent Whitelist ... does not apply to plugins, only hyperlinks and calls to window.open()."

At least on Android, <allow-intent> doesn't seem to affect window.open calls when InAppBrowser is installed. For example, this doesn't use the whitelist:
{code}
window.open('market://details?id=com.example.android', '_system');
{code}
but this does:
{code}
window.location = 'market://details?id=com.example.android';
{code}

h3. Issue 2:
https://github.com/apache/cordova-plugin-whitelist states:

"Navigation Whitelist...controls which URLs the WebView itself can be navigated to. Applies to top-level navigations only. Quirks: on Android it also applies to iframes for non-http(s) schemes."

On iOS, this seems to apply to iframes as well. If I insert an iframe into the top-level page, it won't be loaded without an <allow-navigation> entry for the iframe's src.

  was:
https://github.com/apache/cordova-plugin-whitelist states:

"Intent Whitelist ... does not apply to plugins, only hyperlinks and calls to window.open()."

At least on Android, <allow-intent> doesn't seem to affect window.open calls when InAppBrowser is installed. For example, this doesn't use the whitelist:
{code}
window.open('market://details?id=com.example.android', '_system');
{code}
but this does:
{code}
window.location = 'market://details?id=com.example.android';
{code}



> Documentation inaccurate
> ------------------------
>
>                 Key: CB-10778
>                 URL: https://issues.apache.org/jira/browse/CB-10778
>             Project: Apache Cordova
>          Issue Type: Improvement
>          Components: Docs, Plugin Whitelist
>         Environment: Cordova for Android 5.1.1
>            Reporter: Jacob Weber
>            Priority: Minor
>
> h3. Issue 1:
> https://github.com/apache/cordova-plugin-whitelist states:
> "Intent Whitelist ... does not apply to plugins, only hyperlinks and calls to window.open()."
> At least on Android, <allow-intent> doesn't seem to affect window.open calls when InAppBrowser is installed. For example, this doesn't use the whitelist:
> {code}
> window.open('market://details?id=com.example.android', '_system');
> {code}
> but this does:
> {code}
> window.location = 'market://details?id=com.example.android';
> {code}
> h3. Issue 2:
> https://github.com/apache/cordova-plugin-whitelist states:
> "Navigation Whitelist...controls which URLs the WebView itself can be navigated to. Applies to top-level navigations only. Quirks: on Android it also applies to iframes for non-http(s) schemes."
> On iOS, this seems to apply to iframes as well. If I insert an iframe into the top-level page, it won't be loaded without an <allow-navigation> entry for the iframe's src.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org