[
https://issues.apache.org/jira/browse/CB-7348?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Shazron Abdullah updated CB-7348:
---------------------------------
Summary: [WKWebView] pages that are loaded using file:/// urls respect CORS
(was: WKWebView pages that are loaded using file:/// urls respect CORS)
> [WKWebView] pages that are loaded using file:/// urls respect CORS
> ------------------------------------------------------------------
>
> Key: CB-7348
> URL: https://issues.apache.org/jira/browse/CB-7348
> Project: Apache Cordova
> Issue Type: Sub-task
> Components: iOS
> Environment: iOS 8
> Reporter: Shazron Abdullah
>
> Not a complaint but an advisory, this is the opposite of what happens in a
> UIWebView, where a page loaded locally is not restricted to CORS and can do
> whatever it wants.
> Try xhr to a local server using: https://gist.github.com/enjalot/2904124
> Note that it works with the wildcard of course. By default, file:// urls give
> the Origin: header as null.
> The only solution is, the destination server MUST return the header
> "Access-Control-Allow-Origin" that matches the wildcard or "null".
> So what is the alternative? Run a local proxy. The PhoneGap Developer App
> does this transparently: https://github.com/phonegap/phonegap-app-developer
> by overriding XMLHttpRequest.open
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
