incubator-callback-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Shazron Abdullah (JIRA)" <>
Subject [jira] [Commented] (CB-1412) iOS Whitelist is never used, all urls will pass the whitelist
Date Wed, 12 Sep 2012 20:29:07 GMT


Shazron Abdullah commented on CB-1412:

Yup, usually I let it run mobile-spec first in a new project _without_ adding the exceptions
in the whitelist for the tests, and there should be failed tests - in this case, all tests
passed which flagged me to the problem.

Oh, I was thinking about the InAppBrowser feature that we need to implement (which is ChildBrowser).
I mentioned the approach in one of the ML threads so I thought we can use the xhr bridge method
as well. 

I was thinking in the webView:shouldStartLoadWithRequest UIWebView delegate method can inject
the right header in the NSMutableRequest, but upon thinking about it some more, I forgot about
xhrs and resource loading, those won't be caught by the delegate. I don't know of a method
at this moment that we can "tag" a request with (what viewcontroller/uiwebview it came from)
to use the appropriate whitelist.

We want to use separate whitelists because an InAppBrowser might have different requirements
than the app itself - right now it has to share the app's whitelist. 
> iOS Whitelist is never used, all urls will pass the whitelist
> -------------------------------------------------------------
>                 Key: CB-1412
>                 URL:
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: iOS
>    Affects Versions: 2.1.0
>            Reporter: Shazron Abdullah
>            Assignee: Shazron Abdullah
>            Priority: Blocker
>             Fix For: 2.1.0
> The line here:
> ... the whitelist object is nil, which will return false for the condition, allowing
the bypass.

This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see:

View raw message