cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Nikhil Khandelwal (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (CB-10324) Derive whitelist tags from CSP
Date Tue, 12 Jan 2016 19:30:40 GMT

     [ https://issues.apache.org/jira/browse/CB-10324?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Nikhil Khandelwal updated CB-10324:
-----------------------------------
    Summary: Derive whitelist tags from CSP  (was: iframe created in JavaScript does not load)

> Derive whitelist tags from CSP
> ------------------------------
>
>                 Key: CB-10324
>                 URL: https://issues.apache.org/jira/browse/CB-10324
>             Project: Apache Cordova
>          Issue Type: Improvement
>          Components: iOS
>    Affects Versions: 4.0.1
>            Reporter: Gregor Schmidt
>
> When dynamically creating an {{iframe}}, the {{iframe}}'s {{src}} is never loaded. This
worked without issues using 3.9.2.
> Example Code:
> {code:javascript}
> i = document.createElement("iframe");
> i.src = "https://example.org";
> document.body.appendChild(i);
> {code}
> Please note, that you have to extend the {{Content-Security-Policy}} headers to include
{{https:}} to pass CSP restrictions.
> I have also created a sample project to reproduce the problem. You may find it at https://github.com/schmidt/cordova-ios-iframe-example



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message