Return-Path: X-Original-To: apmail-incubator-callback-commits-archive@minotaur.apache.org Delivered-To: apmail-incubator-callback-commits-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 714D4968C for ; Thu, 2 Feb 2012 22:34:07 +0000 (UTC) Received: (qmail 92625 invoked by uid 500); 2 Feb 2012 22:34:07 -0000 Delivered-To: apmail-incubator-callback-commits-archive@incubator.apache.org Received: (qmail 92579 invoked by uid 500); 2 Feb 2012 22:34:07 -0000 Mailing-List: contact callback-commits-help@incubator.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: callback-dev@incubator.apache.org Delivered-To: mailing list callback-commits@incubator.apache.org Received: (qmail 92571 invoked by uid 99); 2 Feb 2012 22:34:06 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Feb 2012 22:34:06 +0000 X-ASF-Spam-Status: No, hits=-2000.0 required=5.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.131] (HELO eos.apache.org) (140.211.11.131) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 02 Feb 2012 22:34:05 +0000 Received: from eos.apache.org (localhost [127.0.0.1]) by eos.apache.org (Postfix) with ESMTP id 6EE5381A for ; Thu, 2 Feb 2012 22:33:45 +0000 (UTC) MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable From: Apache Wiki To: Apache Wiki Date: Thu, 02 Feb 2012 22:33:45 -0000 Message-ID: <20120202223345.31126.58611@eos.apache.org> Subject: =?utf-8?q?=5BCordova_Wiki=5D_Update_of_=22NavigationUseCases=22_by_BeckyG?= =?utf-8?q?ibson?= Auto-Submitted: auto-generated Dear Wiki user, You have subscribed to a wiki page or wiki category on "Cordova Wiki" for c= hange notification. The "NavigationUseCases" page has been changed by BeckyGibson: http://wiki.apache.org/cordova/NavigationUseCases New page: Place to list and discuss the navigation use cases that are/should be suppo= rted in PhoneGap =3D=3D iframe within a cordova page =3D=3D user just wants to display some other content within the page and sandbox i= t in an iframe. They do not want to have to worry about any PG commands ge= tting invoked by the pages loaded in the iframe and do not want to have to = specify a whitelist for the iframe. There have been requests where people = DO want to run PG commands from the iframe - need to determine why. * For iOS, currently use of our custom NSURLProtocol is all or nothing - i= t's a whitelist for all connections. We'll have to figure out an exemption = mechanism (it's possible with https://github.com/apache/incubator-cordova-i= os/blob/master/PhoneGapLib/Classes/PGViewController.m#L379 and a config.xml= setting I suppose) =3D=3D childbrowser plugin =3D=3D For example, an app that tracks my blood donations. The user wants to go o= ut to the Red Cross web site to find the next donations in her area. In th= is case I don't want to use the whitelist and I do not want any PG commands= invoked from within the Childbrowser (other than to deal with the events f= rom the Childbrowser). There may be cases where the user does want PG comm= ands within a ChildBrowser - with the new Web View /Cleaver implementations= this could be an option. '''iOS''' For iOS, we will have to have an exemption mechanism for the "all or noth= ing" custom NSURLProtocol. I'm thinking something like this: 1. ChildBrowser registers its app id with our custom NSURLProtocol (PGUR= LProtocol) 1. ChildBrowser receives an access token (randomly generated, only valid= for this app session) from the PGURLProtocol 1. ChildBrowser uses this access token in a custom header in the NSURLRe= quest in webView:shouldStartLoadWithRequest:navigationType: 1. PGURLProtocol will try to read this access token and app id in the he= ader, and if it is found and it matches, skips the whitelist check =3D=3D ajax requests and general resource loading (for example ) =3D= =3D Not really navigation but should respect the whitelist '''iOS''' Believe the UIWebViewNavigationType would give a clue in webView:shouldSt= artLoadWithRequest:navigationType: but this value is ambiguous / not reliab= le =3D=3D page load is programmatic or occurs from a user interaction =3D=3D For example, an ad can load in an iframe (programmatically), and the user c= an touch the ad (user interaction). The desired behavior may be different i= n those cases. * For iOS, the navigationType parameter to shouldStartLoadWithRequest expo= ses this - an example of implementing this use is case here [[https://gist.= github.com/1503552|https://gist.github.com/1503552]] =3D=3D JavaScript invocations to open a new page =3D=3D Should these open in the webview or open in the mobile browser (in the case= of iOS this will leave the app with no way to return via a back button unl= ess the Childbrowser is used). * One would suspect that you would want a remote URL to open in the mobile= browser UNLESS you are loading PhoneGap.js from that location as well and = thus want it in the webView (in which case the whitelist is enforced) = * Remote url would be mobile browser. How would you know that a remote ur= l has PhoneGap.js? I'm assuming this can be solved with answer below (API f= unction) * window.location =3D url * new local or remote location = * Need a way to force opening in the browser (not the webview) and ignorin= g the whitelist check. * Use case? In any case I can't think of a 'standards' way for this - we = would have to provide some API function - if not available, just use docume= nt.location