Cordova: Csp Issue On Android When Requesting Data Over Https
Solution 1:
@barbu, your fix in just a second.
One of the things that is baffling me is developers going from a "Development IDE" to Google Play. As someone who builds with Phonegap Build, my workflow does not include a cable and 'adb'. Perhaps you can explain the reasoning with this process.
On you issues, you will need to implement the whitelist system. This worksheet should help. HOW TO apply the Cordova/Phonegap the whitelist system
There is also document that is link from there to the Whitelist CSP Examples. In short, the way it is usually applied is the CSP is expanded from a webbrowser, then that meta element is added to the App. However in your case, you will likely work backwards.
The Fix
Typically, when I give the answer I give the whitelist and CSP. You may be able to start with just the CSP. Best of Luck.
Add this to your config.xml
<allow-navigationhref="*" /><allow-intenthref="*" /><accessorigin="*" /><!-- Required for iOS9 -->NOTE YOUR APP IS NOW INSECURE. IT IS UP TO YOU TO SECURE YOUR APP.
Add the following to your index.html
<metahttp-equiv="Content-Security-Policy"content="default-src *;
style-src * 'self' 'unsafe-inline' 'unsafe-eval';
script-src * 'self' 'unsafe-inline' 'unsafe-eval';">Sidenote:gap: from what I have right now, is only required for Cordova iOS, SEE: Simon Mac Donald Adds
Post a Comment for "Cordova: Csp Issue On Android When Requesting Data Over Https"