[
https://issues.apache.org/jira/browse/CB-7348?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14738412#comment-14738412
]
Shazron Abdullah commented on CB-7348:
--------------------------------------
Re-test this assumption with iOS 9. This was tested in the iOS 8 betas before
they added the security restrictions on file urls.
> [WKWebView] pages that are loaded using file:/// urls respect CORS
> ------------------------------------------------------------------
>
> Key: CB-7348
> URL: https://issues.apache.org/jira/browse/CB-7348
> Project: Apache Cordova
> Issue Type: Sub-task
> Components: iOS
> Environment: iOS 8
> Reporter: Shazron Abdullah
> Assignee: Shazron Abdullah
> Labels: cordova-ios-4.0.x
>
> Not a complaint but an advisory, this is the opposite of what happens in a
> UIWebView, where a page loaded locally is not restricted to CORS and can do
> whatever it wants.
> Try xhr to a local server using: https://gist.github.com/enjalot/2904124
> Note that it works with the wildcard of course. By default, file:// urls give
> the Origin: header as null.
> The only solution is, the destination server MUST return the header
> "Access-Control-Allow-Origin" that matches the wildcard or "null".
> So what is the alternative? Run a local proxy. The PhoneGap Developer App
> does this transparently: https://github.com/phonegap/phonegap-app-developer
> by overriding XMLHttpRequest.open
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
