[ https://issues.apache.org/jira/browse/CB-362?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13247777#comment-13247777 ] Andrew Lunny commented on CB-362: --------------------------------- I talked with Shaz about this offline; here's a summary of what I think * we should have an API function for "open page in browser" that ignores the whitelist entirely. Links to whitelisted domains should open in the webview. * (more contentious) I think links to untrusted domains should always launch the browser. If you don't like this, use ChildBrowser to intercept the click/touch events, or don't put links to untrusted domains in your app. * ignore target and UIWebViewNavigationTypeOther. A lot of extra complexity, and it won't work cross platform anyway * all iframe/XHR calls should be locked to the whitelist. This change would only affect "a" tags. > [ios] target="_blank" links should open in browser (ignoring externalhosts) > --------------------------------------------------------------------------- > > Key: CB-362 > URL: https://issues.apache.org/jira/browse/CB-362 > Project: Apache Callback > Issue Type: Bug > Components: iOS > Affects Versions: 1.5.0 > Reporter: Andrew Lunny > Assignee: Shazron Abdullah > Labels: externalhosts, whitelist > Fix For: 1.7.0 > > > A link such as this: > {noformat}Google{noformat} > should open by default in the device's web browser, without being explicitly allowed in the plist (externalhosts). > This is the current (and, imo, expected) behaviour on Android. -- This message is automatically generated by JIRA. If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa For more information on JIRA, see: http://www.atlassian.com/software/jira