Ahh, missed that, thanks Shazron! 2015-11-11 1:39 GMT+01:00 Shazron <[email protected]>:
> This is handled by this: > > https://github.com/apache/cordova-ios/tree/master/CordovaLib/Classes/Private/Plugins/CDVSystemSchemes > > Doc: > > https://github.com/apache/cordova-docs/commit/80906ac23c77f4ce7a5d330b28fba803736c7253 > > On Tue, Nov 10, 2015 at 7:41 AM, julio cesar sanchez > <[email protected]> wrote: > > What about url schemes? I suppose they won't work unless we allow them > > using the CSP, but, do we have code to handle them? > > > > I've been looking on the source code and > *CDVUIWebViewNavigationDelegate.m, > > *on *shouldStartLoadWithRequest* ask *CDVViewController.m* for* > > shouldOpenExternalURL *that queries all the plugins for > > *shouldOpenExternalURL* method and uses *[[UIApplication > sharedApplication] > > openURL:url];* to open the app. > > > > > > Anyway, the old legacy whitelist return *YES* only for *tel *scheme*, > *and > > the new whitelist doesn't include that method, so I don't think removing > > the plugin will break anything, but is it already broken? > > > > or we should use the inAppBrowser plugins with _system to open other apps > > instead of the whitelist? > > > > > > > > > > 2015-11-10 3:18 GMT+01:00 Shazron <[email protected]>: > > > >> Filed https://issues.apache.org/jira/browse/CB-9972 > >> > >> On Mon, Nov 9, 2015 at 5:18 PM, Carlos Santana <[email protected]> > >> wrote: > >> > Shaz, > >> > Got some feedback but so far nothing extreme to block your > proposal. > >> > > >> > The only concerned was my comments around iOS8 and lower and it looks > >> like CSP is the level of security it will get and that's fine. > >> > > >> > +1 to move forward > >> > > >> > - Carlos > >> > @csantanapr > >> > > >> >> On Nov 9, 2015, at 8:13 PM, Shazron <[email protected]> wrote: > >> >> > >> >> Any updates on your end Carlos? Anyone else have any concerns? I'm > >> >> preparing a PR for review soon. > >> >> > >> >>> On Wed, Nov 4, 2015 at 2:42 PM, Carlos Santana < > [email protected]> > >> wrote: > >> >>> currently evaluating with some other folks at work, will provide > >> feedback > >> >>> soon. > >> >>> > >> >>> On Tue, Nov 3, 2015 at 11:07 PM Tommy-Carlos Williams < > >> [email protected]> > >> >>> wrote: > >> >>> > >> >>>> +1 to letting the OS handle it. > >> >>>> > >> >>>>> On 4 Nov 2015, at 12:44, Jesse <[email protected]> wrote: > >> >>>>> > >> >>>>> I completely support the proposal! > >> >>>>> > >> >>>>> > >> >>>>> @purplecabbage > >> >>>>> risingj.com > >> >>>>> > >> >>>>>> On Tue, Nov 3, 2015 at 5:35 PM, Shazron <[email protected]> > wrote: > >> >>>>>> > >> >>>>>> BUMP. This is important, and is causing a lot of pain for our > users. > >> >>>>>> For example: > >> >>>>>> > >> >>>> > >> > https://github.com/jessemonroy650/top-phonegap-mistakes/blob/master/the-whitelist-system.md > >> >>>>>> > >> >>>>>> > >> >>>>>>> On Mon, Nov 2, 2015 at 5:38 PM, Shazron <[email protected]> > wrote: > >> >>>>>>> To view contents of the PR easily: > >> >>>>>> > >> >>>> > >> > https://github.com/shazron/cordova-discuss/blob/da7af6606848a1b7d96f4d5ee5402360bf5fd53c/proposals/ios-whitelist-removal.md > >> >>>>>>> > >> >>>>>>>> On Mon, Nov 2, 2015 at 5:36 PM, Shazron <[email protected]> > >> wrote: > >> >>>>>>>> PR sent: https://github.com/cordova/cordova-discuss/pull/27 > >> >>>>>>>> > >> >>>>>>>>> On Mon, Nov 2, 2015 at 5:21 PM, Shazron <[email protected]> > >> wrote: > >> >>>>>>>>> Sorry everyone -- I'm structuring it as a PR and will revert > my > >> >>>>>>>>> commits. Will be easier to comment that way > >> >>>>>>>>> > >> >>>>>>>>>> On Mon, Nov 2, 2015 at 5:05 PM, Shazron <[email protected]> > >> wrote: > >> >>>>>> > >> >>>> > >> > https://github.com/cordova/cordova-discuss/blob/master/proposals/ios-whitelist-removal.md > >> >>>>>>>>>> > >> >>>>>>>>>> Comment here or there, etc. I've included flowcharts... > >> >>>>>>>>>> > >> >>>>>>>>>> tldr; remove the whitelist in cordova-ios-4.x. we are not > good > >> at > >> >>>>>>>>>> security, let the OS handle it. > >> >>>>>> > >> >>>>>> > >> --------------------------------------------------------------------- > >> >>>>>> To unsubscribe, e-mail: [email protected] > >> >>>>>> For additional commands, e-mail: [email protected] > >> >>>>>> > >> >>>>>> > >> >>>> > >> >>>> > --------------------------------------------------------------------- > >> >>>> To unsubscribe, e-mail: [email protected] > >> >>>> For additional commands, e-mail: [email protected] > >> >>>> > >> >>>> > >> >> > >> >> --------------------------------------------------------------------- > >> >> To unsubscribe, e-mail: [email protected] > >> >> For additional commands, e-mail: [email protected] > >> >> > >> > > >> > --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: [email protected] > >> > For additional commands, e-mail: [email protected] > >> > > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [email protected] > >> For additional commands, e-mail: [email protected] > >> > >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
