I agree with all your statements Marcel. I use this approach frequently in dev for fast turnaround. Ultimately App Store policies decide what can and cannot be done.
Regarding security, there is nothing I can do with a remote page that I can't already do inside my app. It's an issue of trust. Sent from my iPhone > On Aug 1, 2014, at 10:35 AM, Shazron <shaz...@gmail.com> wrote: > > I agree that it is not recommended, but it's possible. I delved into > this question here: > https://github.com/shazron/phonegap-questions/issues/37 > > The PhoneGap Developer App is an example of how this is working at > http://app.phonegap.com but they do some proxying to get around the > CORS limitations I believe. > >> On Fri, Aug 1, 2014 at 10:23 AM, Marcel Kinard <cmarc...@gmail.com> wrote: >> I've been getting occasional questions about users trying to use >> remotely-loaded (non-local) HTML pages with Cordova (in the webview, not >> InAppBrowser), and still expecting to have access to the plugin APIs (camera >> is a popular one). My response so far is: "This is an unsupported >> configuration, because Cordova was not designed for this and the community >> does no testing of this configuration. While it can work in some >> circumstances, it is not recommended nor supported." >> >> My definition of "unsupported" is not that it is incapable, but that we >> don't claim that it is supposed to work, and more importantly, we won't >> actively fix user-submitted defects on this topic. >> >> The main concern I have on this is same origin policy, and matching the >> remotely-served cordova.js with the locally-installed native Cordova >> platform to avoid version mismatch. >> >> Do you think I'm out in-the-weeds on this, or do you agree? >> >> If you agree, what would you think of a blurb in cordova-docs somewhere that >> captures this gist? >> >> Thanks for your feedback!
