slack-digest/2021-06-06.md
Sun, 06 Jun 2021 08:28:54 GMT
Join the conversation at slack.cordova.io
Sat, 05 Jun 2021 20:06:48 GMT
@costagauci says
Hi all, I have created an app and I am having trouble with the Content Security Policy. When testing everything works fine on Android however when for iOS it doesn't seem to work.
I am getting the following error:
OriginXMLHttpRequest cannot load <https://webaddress.org.uk/location/login.php> due to access control checks. Failed to load resource: Origin null is not allowed by Access-Control-Allow-Origin.``` This is the relevant code. I am really baffled here. ```<meta http-equiv="Content-Security-Policy" content="default-src * data: cdvfile: gap:; style-src 'self' <https://webaddress.org.uk/*> <https://locations.webaddress.org.uk/*>; script-src 'self' <https://webaddress.org.uk/*> <https://locations.webaddress.org.uk/*> 'unsafe-inline' 'unsafe-eval'">``` ``` <content src="index.html" /> <access origin="*" /> <allow-intent href="<http://thepod.org.uk/*>" /> <allow-intent href="<https://thepod.org.uk/*>" /> <allow-intent href="http:/locations.thepod.org.uk/*" /> <allow-intent href="<https://locations.thepod.org.uk/*>" /> <allow-intent href="tel:*" /> <allow-intent href="sms:*" /> <allow-intent href="mailto:*" /> <allow-intent href="geo:*" /> <platform name="android"> <allow-intent href="market:*" /> </platform> <platform name="ios"> <allow-intent href="itms:*" /> <allow-intent href="itms-apps:*" /> </platform>``` I am using cordova-plugin-whitelist