cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joe Bowser <>
Subject Re: domain whitelisting inconsistancy on Android and iOS
Date Thu, 27 Dec 2012 06:54:15 GMT
1. Whitelisting SHOULD work for all resources being loaded, if images
and JS are working, that is a bug, and we would appreciate if you
could add it to JIRA
2. href links opening an external browser is the correct behaviour for
Android.  Links should never do nothing on this platform, because you
will leave your users wondering why the links are broken and don't
work "Yet another broken PhoneGap app".  Also, once the links are in
the browser, they are subject to the browser's security policy, and
not ours.

I believe that InAppBrowser breaks this in the new version in favour
of setting targets, which I personally think is wrong.  In my opinion,
consistency with the host platform is more important than consistency
across Cordova versions.  If the user knows you're running a Cordova
app, that means that someone failed along the way, whether it be us or
the developer who created the app.

On Wed, Dec 26, 2012 at 8:19 PM, Manjula Fernando <> wrote:
> The Domain Whitelisting in Android works only for the href links, but not
> for the embedded resources (images, javascripts) during the time of
> loading. If link is not whitelisted it gets opened in a new instance of
> native browser rather than blocking it from opening it at all. But in iOS
> it blocks all non-whitelisted domains urls. Please let me know whether this
> is the expected behavior in whitelisting for Android?. If so, has this been
> identified as a known issue and planning to be fixed in future release?
> Appreciate your early response on this.
> Thanks and Regards
> Manjula

View raw message