Shazron Abdullah created CB-7348:
------------------------------------
Summary: WKWebView pages that are loaded using file:/// urls
respect CORS
Key: CB-7348
URL: https://issues.apache.org/jira/browse/CB-7348
Project: Apache Cordova
Issue Type: Sub-task
Components: iOS
Environment: iOS 8
Reporter: Shazron Abdullah
Not a complaint but an advisory, this is the opposite of what happens in a
UIWebView, where a page loaded locally is not restricted to CORS and can do
whatever it wants.
Try xhr to a local server using: https://gist.github.com/enjalot/2904124
Note that it works with the wildcard of course. By default, file:// urls give
the Origin: header as null.
The only solution is, the destination server MUST return the header
"Access-Control-Allow-Origin" that matches the wildcard or "null".
So what is the alternative? Run a local proxy. The PhoneGap Developer App does
this transparently: https://github.com/phonegap/phonegap-app-developer by
overriding XMLHttpRequest.open
--
This message was sent by Atlassian JIRA
(v6.2#6252)
