cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joe Bowser (JIRA)" <>
Subject [jira] [Commented] (CB-1947) Secure whitelisted URLs not loading in Android
Date Wed, 28 Nov 2012 22:59:57 GMT


Joe Bowser commented on CB-1947:

When you deploy from Eclipse, it still enforces the whitelist.  However, if you're using Self-Signed
Certificates, Cordova will not load those in production mode.  This is intentional, since
you should be using real certificates if you're releasing an actual app to the market.

Is this the case with your SSL site? 
> Secure whitelisted URLs not loading in Android
> ----------------------------------------------
>                 Key: CB-1947
>                 URL:
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>    Affects Versions: 2.2.0
>         Environment: Android 2.3 and 4.2
>            Reporter: Antony Lees
>            Assignee: Joe Bowser
> Given the config
>     <access origin="*"/> <!-- allow local pages -->
>     <access origin="" subdomains="true"/>
>     <access origin="" subdomains="true"/>
> I would expect both the http and https sites to load.  However only the unsecured http
URL will load, the secure https URL shows an HTML error page (it's an iframe)
> Even if I add
>     <access origin="*"/>
> the same thing happens
> I should add that if I deploy the app straight from eclipse (ie not signing it) the secure
URL works fine, so it is only when the whitelist is enforced that it doesn't seem to work

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message