Android Webview:禁用CORS [英] Android Webview: disable CORS

问题描述

Android是否允许本机应用为http://(而非本地/文件)请求禁用CORS安全策略?

Does Android allow native apps to disable CORS security policies for http:// (not local/file) requests?

在我的本机应用程序中，Web视图通过http://而不是本地/文件系统显示远程html.这似乎受到与Web浏览器相同的CORS限制.

In my native app, a webview shows a remote html via http://, not on the local/file system. This seems to be CORS-restricted in the same way as within webbrowsers.

Worakround:我的quick'n'dirt解决方案是一个本地js桥，用于对没有Access-Control-Allow-Origin: *的跨域的Ajax请求. (由于网络服务会检查客户端的cookie + ip，因此不能选择jsonp或服务器端代理.)

Worakround: A native-js bridge for ajax requests to cross-domains which do not have Access-Control-Allow-Origin: * is my quick'n'dirt solution. (jsonp or server-side proxy is not an option because cookie+ip of client are checked by the webservice.)

可以针对Inapp Web视图禁用此策略吗?

Can this policy be disabled for inapp webviews?

请告诉我，是否有一个简单的标志允许js绕过此限制，从而限制了本机"应用的网络视图.

Please let me know, if there is a simple flag for allowing js to bypass this restriction which limits the "native" app's webview.

推荐答案

AFAIK这是不可能的，相信我，我已经尝试了很多方法.

AFAIK this is not possible, and believe me, I've tried many ways.

您能做的最好的事情就是覆盖资源加载.请参见从WebView拦截并覆盖HTTP请求

The best you can do is override resource loading. See Intercept and override HTTP-requests from WebView

这篇关于Android Webview:禁用CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！