[jira] [Assigned] (CB-10324) Derive whitelist tags from CSP
[
https://issues.apache.org/jira/browse/CB-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Gill reassigned CB-10324:
---
Assignee: (was: Steve Gill)
> Derive whitelist tags from CSP
> --
>
> Key: CB-10324
> URL: https://issues.apache.org/jira/browse/CB-10324
> Project: Apache Cordova
> Issue Type: Improvement
> Components: cordova-android, cordova-ios
>Affects Versions: 4.0.1
>Reporter: Gregor Schmidt
>Priority: Minor
>
> When dynamically creating an {{iframe}}, the {{iframe}}'s {{src}} is never
> loaded. This worked without issues using 3.9.2.
> Example Code:
> {code:javascript}
> i = document.createElement("iframe");
> i.src = "https://example.org;;
> document.body.appendChild(i);
> {code}
> Please note, that you have to extend the {{Content-Security-Policy}} headers
> to include {{https:}} to pass CSP restrictions.
> I have also created a sample project to reproduce the problem. You may find
> it at https://github.com/schmidt/cordova-ios-iframe-example
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
-
To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org
For additional commands, e-mail: issues-h...@cordova.apache.org
[jira] [Assigned] (CB-10324) Derive whitelist tags from CSP
[
https://issues.apache.org/jira/browse/CB-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Steve Gill reassigned CB-10324:
---
Assignee: Steve Gill
> Derive whitelist tags from CSP
> --
>
> Key: CB-10324
> URL: https://issues.apache.org/jira/browse/CB-10324
> Project: Apache Cordova
> Issue Type: Improvement
> Components: Android, iOS
>Affects Versions: 4.0.1
>Reporter: Gregor Schmidt
>Assignee: Steve Gill
>Priority: Minor
>
> When dynamically creating an {{iframe}}, the {{iframe}}'s {{src}} is never
> loaded. This worked without issues using 3.9.2.
> Example Code:
> {code:javascript}
> i = document.createElement("iframe");
> i.src = "https://example.org;;
> document.body.appendChild(i);
> {code}
> Please note, that you have to extend the {{Content-Security-Policy}} headers
> to include {{https:}} to pass CSP restrictions.
> I have also created a sample project to reproduce the problem. You may find
> it at https://github.com/schmidt/cordova-ios-iframe-example
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
-
To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org
For additional commands, e-mail: issues-h...@cordova.apache.org
