mgatto opened a new issue, #621: URL: https://github.com/apache/cordova-cli/issues/621
# Feature Request ## Motivation Behind Feature <!-- Why should this feature be implemented? What problem does it solve? --> In some development environments, an API is served over SSL via the protocol https. Communicating with that API from a Cordova browser instance on a developer's machine is very efficient work flow. However, modern browsers disallow cross-origin communications between insecure and secured servers. In this case, the secured server is the API, and the insecure server is the current cordova-browser instance served with Node's http module. This is because it is always served without SSL. ## Feature Description <!-- Describe your feature request in detail Please provide any code examples or screenshots of what this feature would look like Are there any drawbacks? Will this break anything for existing users? --> The parent issue is in the cordova-browser repo with a full description, partially reproduced in this ticket: https://github.com/apache/cordova-browser/issues/122 ## Alternatives or Workarounds <!-- Describe alternatives or workarounds you are currently using Are there ways to do this with existing functionality? --> Exposing the API over non-secure http is an alternative. In my context, this was rejected strongly for security reasons, especially relating to corporate security accountability programs. The second is that a developer independently hacks their local cordova installation to enable https. This is suboptimal since upgrading becomes a hassle, requiring careful VCS audits to restore erased, custom code. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
