[
https://issues.apache.org/jira/browse/CB-12709?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16178878#comment-16178878
]
sandstrom commented on CB-12709:
--------------------------------
Google started blocking the webview for OAuth in spring 2017[1]. It's still
possible to work-around, by overriding the user-agent string. But that has
other downsides.
Our app has relied on this for OAuth for several years, but we are going to
attempt to migrate to SFSafariViewController and Chrome Custom tabs, plus a
custom url-scheme[2]. I don't know if it'll work yet, because we haven't
started, but seems like it might.
I should also mention that deep-links doesn't seem to be useful here, because
of some quirks in iOS where they may not always open the app[3]. Basically the
deep-links require the content to be semantically equivalent on the website and
in the app, since there is no guarantee that it will launch the app.
I know you've already decided to keep the plugin. But as long as it's possible
to implement OAuth without this plugin (which remains to be seen) I'd vote for
deprecating this plugin.
[1]
https://developers.googleblog.com/2016/08/modernizing-oauth-interactions-in-native-apps.html
[2] Something along these lines:
https://medium.com/@jlchereau/stop-using-inappbrowser-for-your-cordova-phonegap-oauth-flow-a806b61a2dc5
[3]
https://github.com/nordnet/cordova-universal-links-plugin#how-links-handled-in-safari
> InAppBrowser - KEEP
> -------------------
>
> Key: CB-12709
> URL: https://issues.apache.org/jira/browse/CB-12709
> Project: Apache Cordova
> Issue Type: Sub-task
> Components: cordova-plugin-inappbrowser
> Reporter: Shazron Abdullah
>
> See parent issue.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
