Details
-
Improvement
-
Status: Open
-
Minor
-
Resolution: Unresolved
-
None
-
None
-
None
-
Cordova for Android 5.1.1
Description
Issue 1:
https://github.com/apache/cordova-plugin-whitelist states:
"Intent Whitelist ... does not apply to plugins, only hyperlinks and calls to window.open()."
At least on Android, <allow-intent> doesn't seem to affect window.open calls when InAppBrowser is installed. For example, this doesn't use the whitelist:
window.open('market://details?id=com.example.android', '_system');
but this does:
window.location = 'market://details?id=com.example.android';
Issue 2:
https://github.com/apache/cordova-plugin-whitelist states:
"Navigation Whitelist...controls which URLs the WebView itself can be navigated to. Applies to top-level navigations only. Quirks: on Android it also applies to iframes for non-http(s) schemes."
On iOS, this seems to apply to iframes as well. If I insert an iframe into the top-level page, it won't be loaded without an <allow-navigation> entry for the iframe's src.