cordova白名单不工作在Android [英] cordova whitelist doesn't work in android

问题描述

对于cordova 5.0.0，我已设置：

For cordova 5.0.0, I have set:

<access origin="*" launch-external="yes"/>

并使用

<script src="http://cdn.bootcss.com/bootstrap/3.3.4/js/bootstrap.min.js">

在我的html中，但是当我启动它，日志说：

in my html, but when I have launched it, the log says that:

url blocked by whitelist

任何人都有这个问题吗？

Anyone had this problem earlier?

推荐答案

我能够使用以下插件解决这个问题： https://github.com/apache/cordova-plugin-whitelist ，然后添加适当的内容安全策略除了config.xml中的正常访问源策略。

I was able to resolve this issue by using the following plugin: https://github.com/apache/cordova-plugin-whitelist and then adding an appropriate Content Security Policy in addition to the normal access origin policy in the config.xml.

以下是执行此操作的步骤的摘要：

Below is a summary of the steps to do this:

• 使用CLI添加白名单插件： cordova插件添加https://github.com/apache/cordova-plugin-whitelist


• 可能已经存在，但在config.xml中添加访问源以将您的域列入白名单，例如：< access origin =https ：//*.MYDOMAIN.com/>


• 添加内容安全策略到必要的HTML文件，例如index.html：< meta http-equiv =Content- Security-Policycontent =default-src'self'https：//*.MYDOMAIN.com; style-src'self''unsafe-inline'; script-src'self''unsafe-inline''unsafe-eval'>


• 从CLI再次构建并运行android项目： cordova run android

• Using the CLI, add the whitelist plugin: cordova plugin add https://github.com/apache/cordova-plugin-whitelist
• Likely this is already in place, but in config.xml add an access origin to whitelist your domain, such as: <access origin="https://*.MYDOMAIN.com" />
• Add a Content Security Policy to in necessary HTML files, such as index.html: <meta http-equiv="Content-Security-Policy" content="default-src 'self' https://*.MYDOMAIN.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
• Build and run the android project from the CLI again: cordova run android

请注意，查看logcat可能会有所帮助这可以通过命令行完成： adb logcat

Note that it may be helpful to look at the logcat to see what errors if any you ae receiving. This can be accomplished from the command line with: adb logcat

此外，如我在上面的注释中指出的，这似乎是5.0.0的问题。这些步骤都不需要与4.3.0，所以如果可能的话更容易使用该版本。

Also, as noted in my comment above, this appears to be an issue with 5.0.0. None of these steps are required with 4.3.0, so it may be easier to just use that version if possible.

另外请注意，如果你从上面复制和粘贴，我使用https，所以如果你只需要http确保删除's'：）

Also, note that if you are copying and pasting from above, I am using https, so if you just need http make sure to remove the 's' :)

这篇关于cordova白名单不工作在Android的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！