[
https://issues.apache.org/jira/browse/CB-12566?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sondre Bjellås closed CB-12566.
-------------------------------
Resolution: Not A Problem
> WKWebViewEngine does not use CSP meta-tag, fails to load about:blank
> --------------------------------------------------------------------
>
> Key: CB-12566
> URL: https://issues.apache.org/jira/browse/CB-12566
> Project: Apache Cordova
> Issue Type: Bug
> Components: Plugin WKWebViewEngine
> Reporter: Sondre Bjellås
> Assignee: Shazron Abdullah
>
> When adding the WKWebView plugin to a Cordova project, the CSP meta-tag in
> externally hosted HTML file is probably not used/parsed, or there is another
> way to configure CSP for the plugin?
> Have a working app using the default web view engine on iOS, when it is
> replaced with the WKWebView, the app will log thousands of messages to the
> console. The error also results in Cordova runtime and plugins not being
> loaded and not working in the app.
> The plugin is added with the following elements in config.xml:
> <feature name="CDVWKWebViewEngine">
> <param name="ios-package" value="CDVWKWebViewEngine" />
> </feature>
> <preference name="CordovaWebViewEngine" value="CDVWKWebViewEngine" />
> <plugin name="cordova-plugin-wkwebview-engine" spec="~1.1.2" />
> To see this behavior, simply run the project in the simulator, and then debug
> using Safari and connect to simulator.
> Output in Web Inspect in Safari:
> [blocked] The page at about:blank was not allowed to display insecure content
> from gap://ready.
> This is the current content of the CSP, have attempted many different
> variations with no success:
> <meta http-equiv="Content-Security-Policy" content="frame-src * gap://ready;
> default-src 'self' gap://ready file://* *; connect-src * blob: data:;
> style-src * 'unsafe-inline'; script-src * 'unsafe-eval' 'unsafe-inline';
> img-src data: *">
> (CSP header taken from this issue:
> https://github.com/driftyco/ionic/issues/6928)
> The errors is not logged when the index.html within the app is loaded, but
> appears when externally linked HTML is loaded. Redirect is done using
> JavaScript code that changes window.location.href.
--
This message was sent by Atlassian JIRA
(v6.3.15#6346)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
