[jira] [Assigned] (CB-10324) Derive whitelist tags from CSP
[ https://issues.apache.org/jira/browse/CB-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steve Gill reassigned CB-10324: --- Assignee: (was: Steve Gill) > Derive whitelist tags from CSP > -- > > Key: CB-10324 > URL: https://issues.apache.org/jira/browse/CB-10324 > Project: Apache Cordova > Issue Type: Improvement > Components: cordova-android, cordova-ios >Affects Versions: 4.0.1 >Reporter: Gregor Schmidt >Priority: Minor > > When dynamically creating an {{iframe}}, the {{iframe}}'s {{src}} is never > loaded. This worked without issues using 3.9.2. > Example Code: > {code:javascript} > i = document.createElement("iframe"); > i.src = "https://example.org;; > document.body.appendChild(i); > {code} > Please note, that you have to extend the {{Content-Security-Policy}} headers > to include {{https:}} to pass CSP restrictions. > I have also created a sample project to reproduce the problem. You may find > it at https://github.com/schmidt/cordova-ios-iframe-example -- This message was sent by Atlassian JIRA (v7.6.3#76005) - To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For additional commands, e-mail: issues-h...@cordova.apache.org
[jira] [Assigned] (CB-10324) Derive whitelist tags from CSP
[ https://issues.apache.org/jira/browse/CB-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Steve Gill reassigned CB-10324: --- Assignee: Steve Gill > Derive whitelist tags from CSP > -- > > Key: CB-10324 > URL: https://issues.apache.org/jira/browse/CB-10324 > Project: Apache Cordova > Issue Type: Improvement > Components: Android, iOS >Affects Versions: 4.0.1 >Reporter: Gregor Schmidt >Assignee: Steve Gill >Priority: Minor > > When dynamically creating an {{iframe}}, the {{iframe}}'s {{src}} is never > loaded. This worked without issues using 3.9.2. > Example Code: > {code:javascript} > i = document.createElement("iframe"); > i.src = "https://example.org;; > document.body.appendChild(i); > {code} > Please note, that you have to extend the {{Content-Security-Policy}} headers > to include {{https:}} to pass CSP restrictions. > I have also created a sample project to reproduce the problem. You may find > it at https://github.com/schmidt/cordova-ios-iframe-example -- This message was sent by Atlassian JIRA (v6.3.4#6332) - To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For additional commands, e-mail: issues-h...@cordova.apache.org