cordova-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From fil...@apache.org
Subject docs commit: CB-2229: defaults for whitelist are to allow all. added more detail to windows phone documentation
Date Mon, 04 Feb 2013 07:58:49 GMT
Updated Branches:
  refs/heads/master a1c4729ac -> c11bec193


CB-2229: defaults for whitelist are to allow all. added more detail to windows phone documentation


Project: http://git-wip-us.apache.org/repos/asf/cordova-docs/repo
Commit: http://git-wip-us.apache.org/repos/asf/cordova-docs/commit/c11bec19
Tree: http://git-wip-us.apache.org/repos/asf/cordova-docs/tree/c11bec19
Diff: http://git-wip-us.apache.org/repos/asf/cordova-docs/diff/c11bec19

Branch: refs/heads/master
Commit: c11bec193cbf15030b9c55b19c8803b74ec2b789
Parents: a1c4729
Author: Fil Maj <maj.fil@gmail.com>
Authored: Mon Feb 4 00:02:24 2013 -0800
Committer: Fil Maj <maj.fil@gmail.com>
Committed: Mon Feb 4 00:02:24 2013 -0800

----------------------------------------------------------------------
 docs/en/edge/guide/whitelist/index.md |   18 ++++++++++++++----
 1 files changed, 14 insertions(+), 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cordova-docs/blob/c11bec19/docs/en/edge/guide/whitelist/index.md
----------------------------------------------------------------------
diff --git a/docs/en/edge/guide/whitelist/index.md b/docs/en/edge/guide/whitelist/index.md
index 0766a07..bfcb4a9 100644
--- a/docs/en/edge/guide/whitelist/index.md
+++ b/docs/en/edge/guide/whitelist/index.md
@@ -23,7 +23,9 @@ Domain Whitelist Guide
 Overview
 --------
 
-Domain whitelisting in Apache Cordova is a security model that controls access to outside
domains, such as `http://google.com`. The default security policy is to block all network
access. The application developer can then declare access to specific network domains and
subdomains.
+Domain whitelisting in Apache Cordova is a security model that controls access to outside
domains, such as `http://google.com`.
+
+The default security policy is to allow all network access. Before moving your application
to production, it is advised to review your application's whitelist. The application developer
is encouraged to declare access to specific network domains and subdomains.
 
 Specification
 -------------
@@ -128,10 +130,18 @@ webOS
 
 Domain whitelisting is unsupported on webOS. By default, all domains are accessible.
 
-Windows Phone
--------------
+Windows Phone (7 & 8)
+---------------------
+
+The whitelisting rules are found in `config.xml` and declared with the element `<access
origin="..." />`.
+
+Android has full support for the whitelisting syntax.
 
-Domain whitelisting is unsupported on Windows Phone. By default, all domains are accessible.
+### Syntax
+
+Access to [google.com][2]:
+
+    <access origin="http://google.com" />
 
 Tizen
 ----------


Mime
View raw message