[
https://issues.apache.org/jira/browse/CB-11270?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Tony Homer updated CB-11270:
----------------------------
Description:
In 3.8.0, given an intent directive like
{code}
<allow-intent href="tel:*" />
{code}
, interacting with any of the following elements would result in tel: requests
that would all be allowed:
{code}
<a id="tel-button" href="tel:777777777">do tel with a.href</a>
<a id="tel-a-onclick" onclick="document.location.href='tel:777777777';">do tel
with a.onclick</a>
<button id="tel-button" onclick="document.location.href='tel:777777777';">do
tel with button.onclick</button>
{code}
However, in 4.1.1, only the first interaction will be allowed.
This is because intent directives are only applied to the
UIWebViewNavigationTypeLinkClicked navigationType (the navigationType for the
second and third examples is UIWebViewNavigationTypeOther).
Is this working as intended?
It seems that either the whitelist intent filter in 4+ is not working as
intended or, if working as intended, the documentation should be improved to
spell out this case.
was:
In 3.8.0, given an intent directive like
{code}
<allow-intent href="tel:*" />
{code}
, interacting with any of the following elements would result in tel: requests
that would all be allowed:
{code}
<a id="tel-button" href="tel:777777777">do tel with a.href</a>
<a id="tel-a-onclick" onclick="document.location.href='tel:777777777';">do tel
with a.onclick</a>
<button id="tel-button" onclick="document.location.href='tel:777777777;'">do
tel with button.onclick</button>
{code}
However, in 4.1.1, only the first interaction will be allowed.
This is because intent directives are only applied to the
UIWebViewNavigationTypeLinkClicked navigationType (the navigationType for the
second and third examples is UIWebViewNavigationTypeOther).
Is this working as intended?
It seems that either the whitelist intent filter in 4+ is not working as
intended or, if working as intended, the documentation should be improved to
spell out this case.
> [QUESTION] Is whitelist intent filter working as intended?
> ----------------------------------------------------------
>
> Key: CB-11270
> URL: https://issues.apache.org/jira/browse/CB-11270
> Project: Apache Cordova
> Issue Type: Improvement
> Components: iOS
> Reporter: Tony Homer
> Assignee: Shazron Abdullah
>
> In 3.8.0, given an intent directive like
> {code}
> <allow-intent href="tel:*" />
> {code}
> , interacting with any of the following elements would result in tel:
> requests that would all be allowed:
> {code}
> <a id="tel-button" href="tel:777777777">do tel with a.href</a>
> <a id="tel-a-onclick" onclick="document.location.href='tel:777777777';">do
> tel with a.onclick</a>
> <button id="tel-button" onclick="document.location.href='tel:777777777';">do
> tel with button.onclick</button>
> {code}
> However, in 4.1.1, only the first interaction will be allowed.
> This is because intent directives are only applied to the
> UIWebViewNavigationTypeLinkClicked navigationType (the navigationType for the
> second and third examples is UIWebViewNavigationTypeOther).
> Is this working as intended?
> It seems that either the whitelist intent filter in 4+ is not working as
> intended or, if working as intended, the documentation should be improved to
> spell out this case.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
