cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chandra Sekhar Walajapet Sureshbabu (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-12654) Cordova release build blocks ajax requests
Date Fri, 14 Apr 2017 18:39:41 GMT

    [ https://issues.apache.org/jira/browse/CB-12654?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15969370#comment-15969370
] 

Chandra Sekhar Walajapet Sureshbabu commented on CB-12654:
----------------------------------------------------------

[~kerrishotts] SSLLabss shows no signs of certificate issues (Rates it A)
my question again is how come only nexus 5X 7.1.1 alone fails and Pixel 7.1.1 is working normally.

Between just want to know if there is any association of debug.keystore with the SSL cert?

> Cordova release build blocks ajax requests
> ------------------------------------------
>
>                 Key: CB-12654
>                 URL: https://issues.apache.org/jira/browse/CB-12654
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>         Environment: cordova-android@4.1.1 , Android Version 7.1.1, Nexus 5X
>            Reporter: Chandra Sekhar Walajapet Sureshbabu
>
> Android Cordova Debug Build works fine on Nexus 5X, 7.1.1 , However it fails to make
any ajax requests on Release(Signed) Build.
> Tried communicating from native code using a plugin, the connection is successful
> The issue occurs only in Nexus 5X, 7.1.1 and doesn't happen on other devices.
> Permissions:
> <uses-permission android:name="android.permission.INTERNET" />
> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
> Whitelist plugin in config.xml:
> <feature name="Whitelist">
>         <param name="android-package" value="org.apache.cordova.whitelist.WhitelistPlugin"
/>
>         <param name="onload" value="true" />
>     </feature>
> Even tested with logs in ChromeWebViewImpl.java
> Returns true when asked for shouldAllow
> CSP:
> <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap:
https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; connect-src
https://mysubdomain.mydomain.com">
> Please note the CSP works for all Android, iOS devices except for Nexus 5X 7.1.1, i even
tried removing connect-src, but same result.
> Did anyone come across similar issue ?



--
This message was sent by Atlassian JIRA
(v6.3.15#6346)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message