We have a cordova app that is working fine on ios, and the debug build for Android works fine. The problem is when we build a release version. The app will start up, but none of the ajax calls work.
We've tried a lot of things. We have updated cordova, we have changed the config.xml to have:
<allow-navigation href="*"/>
The only thing that has worked so far is changing the release apk's AndroidManifest.xml to debuggable. We did this so we could debug the problem, but it actually made it so that the ajax calls were being made. I tried uploading that APK, but Google play won't accept an apk that is debuggable.
sigh.....
One other thing that could be helpful information is we recently had to change the Domain of our server. We edited all the files to point to the appropriate server. So they are pointing to the correct host, but I figured it could possibly be a problem with certificates or CORS even.
We could really use some help if anybody has any ideas.
Me and my co worker had a very similar issue to this, we tried everything that was said in these answers and nothing worked. We finally found our issue was an ssl certificate issue with cordova. It is an awful issue because it never exactly tells you its an issue.
here is a link of the article that helped us the most:
http://ivancevich.me/articles/ignoring-invalid-ssl-certificates-on-cordova-android-ios/
really hope this helps!
The most common issue with this type of error is that the app is missing the whitelist plugin. It is necessary for Android apps, but not for iOS apps.
cordova plugin add cordova-plugin-whitelist
Then in your config.xml you can add the following to allow everything:
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
<access origin="*" />
The linked solution still works for Cordova 9. As I can't comment on answers yet, I write the relevant parts here as Nico wished in case the link doesn't work anymore at some point:
Cordova on Android platforms allows invalid certificates, but only in build mode, and not in release mode, because the WebView doesn't allow "insecure" requests. You have to change 3 lines in the original platform code from Cordova in the following function:
public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
final String packageName = this.cordova.getActivity().getPackageName();
final PackageManager pm = this.cordova.getActivity().getPackageManager();
ApplicationInfo appInfo;
try {
appInfo = pm.getApplicationInfo(packageName, PackageManager.GET_META_DATA);
if ((appInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE) != 0) {
// debug = true
handler.proceed();
return;
} else {
// debug = false
// THIS IS WHAT YOU NEED TO CHANGE:
// 1. COMMENT THIS LINE
// super.onReceivedSslError(view, handler, error);
// 2. ADD THESE TWO LINES
// ---->
handler.proceed();
return;
// <----
}
} catch (NameNotFoundException e) {
// When it doubt, lock it out!
super.onReceivedSslError(view, handler, error);
}
}
The file containing the function is SystemWebViewClient.java for Cordova Version 5 and above. In previous versions it's CordovaWebViewClient.java.
Paths:
V5+: project/platforms/android/CordovaLib/src/org/apache/cordova/engine/SystemWebViewClient.java
V4-: project/platforms/android/CordovaLib/src/org/apache/cordova/CordovaWebViewClient.java
Source: Content from link mentionend above by Nico Haase and written by JC Ivancevich
Related
I'm having a problem with Cordova and (maybe?) cordova-plugin-whitelist since yesterday and can't figure out a solution, so here I'm, searching for your help. I'll try my best to explain everything.
Background
I work on an IT company and we have some applications developed using Cordova Platform. Yesterday, I installed an application on my device and get the following errors:
Access to XMLHttpRequest at 'http://valid-url/' from origin 'file://' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Uncaught (in promise) Error: Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.
at Request.push../node_modules/superagent/lib/client.js.Request.crossDomainError (client.js:621)
at XMLHttpRequest.xhr.onreadystatechange (client.js:705)
This errors don't allow me to make a request to the server. But here's a curious thing: this just happens when I start the application for the first time or when I delete the database; if I close the application and start it again it works just fine. Another curious thing: this happens with all ours applications, and some of then don't get a new patch or any change in months, so... how could it happen? I though about a change on Chromium, but the version on my device is older than the actual one.
I know that I need cordova-plugin-whitelist to make requests, I already have it installed on the 1.3.4 version and with this configurations on config.xml (on one of the applications):
<access origin="*" />
<allow-navigation href="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
My current version of cordova-android is 7.0.0 - I already tried to downgrade cordova-android and plugin whitelist to 6.4.0 and 1.3.3 respectively, but doesn't worked.
I suspect that the problem is in android itself or cordova-plugin-whitelist, but remember: it started from nothing, without any changes in the code repositories or new builds - this is driving me crazy.
Can someone give me a light?
Thank you!
We're having this same issue at my company. Looking into it, we've discovered this Chromium bug that has a fix merged into 77:
https://bugs.chromium.org/p/chromium/issues/detail?id=991107
If you're running Chromium 76, this might be the source of your troubles. Sadly, it's not fixable on our end.
I'm using Cordova 7.0.1, and trying to set the contents of an iframe using a generated blob: url, but the result is an empty iframe, and no console errors.
If I disable blob: urls in the content security policy, I get an error as I would expect. So I'm fairly confident my problem is not the CSP.
I've also whitelisted * in config.xml to no avail:
<allow-navigation href="*" />
<allow-intent href="*" />
Constructing a data: url works. Why doesn't blob:?
Ages ago, probably with Cordova 5, I had this working. Is this no longer permitted? Is there a way to allow it again, or an alternative method?
To allow blob scheme, we have to set the following in config.xml:
<allow-navigation href="blob:*" />
More info on this is available on Issue:CB9558 under official apache cordova issue tracker.
I have searched on web but got nothing concrete about this issue.
I'm using ionic v1, in which I'm loading my adfs url to ask user for login though adfs web page but only on some phones I see login page and on others I see blank screen.
I tried debugging it but I got nothing[only the url] constructive so far.
I'm loading url using
window.open("https://inve....", '_system');
So far we've encountered with this issue on Android phones only, but I'm targeting iPhones also.
Any help will be appreciated. Thanks
app browser and loading adfs login page with url in it for this ionic app.
The prob I was facing was because of certificates, The server is using self signed certificate so when I'm trying to load it on the device who don't even opened server pages on browsers the app used to stuck on white screen.
If your server is signed with proper certified certificate by CA then this prob will not occur as browsers able to validate these certificates easily.
That's why earlier with right certificate My android app used to work on all android phones.
Here is link to understand the process if you want to specify the certificates locally.
For other guys looking for help in this situation.
For open external url you need to use plugin for ionic which is compatible for both android and ios:
Install cordova-plugin-inappbrowser using below line:
cordova plugin add cordova-plugin-inappbrowser
after that put this code in your html file:
<button class="button" ng-click="openurl('https://..........')">
Click here
</button>
and then call click event through controller:
.controller('MyCtrl', function($scope, $cordovaInAppBrowser) {
var options = {
location: 'yes',
clearcache: 'yes',
toolbar: 'no'
};
$scope.openurl = function (url) {
window.open(url, '_system', options);
}
OR
$scope.openurl = function (url) {
$cordovaInAppBrowser.open(url, '_system', options);
}
})
Also change in your config.xml file
<allow-intent href="*" />
<allow-navigation href="*" />
<allow-intent href="http://*/*" launch-external="yes" />
<allow-intent href="https://*/*" launch-external="yes" />
<feature name="StatusBar">
<param name="ios-package" onload="true" value="CDVStatusBar" />
</feature>
For further reference you can go through:
https://github.com/apache/cordova-plugin-inappbrowser
This is driving me crazy. I'm working on a Ionic app (Cordova, Angular etc). I have a contact us link which contains a mailto: href
href="mailto:info#somedomain.net?subject=my%20App"
I've read countless posts on SO that say you have to remove
<access origin="*"/>
from the config.xml in the project root and replace it with:
<access origin="mailto:*" launch-external="true" />
Which I've done. When I run ionic build it gets added to the config.xml in platforms/android/res/xml. But no matter what I do the link doesn't open the mail app on any Android simulator (even when email is configured in the simulator).
Sadly I don't have a device to test on - so is this just a emulator thing or am I missing something?
You must install the cordova plugin whitelist:
cordova plugin add cordova-plugin-whitelist
or if you want to save the reference to your config.xml file:
cordova plugin add cordova-plugin-whitelist --save
and that you have to add the intent to your config.xml file:
<allow-intent href="mailto:*" />
You can find more info here.
Try this:
window.location.href = "mailto:your#ema.il?subject=Works on iOS too";
I just solved this thanks to the responses & articles above. I'm not sure what has or hasn't changed since the above postings, but for the reference of others; I now have http://, https://, tel:, & mailto: working with only the inappbrowser plugin installed and no manual edits to config.xml needed. I did everything mentioned above & it still wasn't working, so I started fiddling and found that I the window.open() call requires the second parameter of "_system" to work correctly (it tried to use the browser and "navigate" to http://mailto:xxx... without the "_system" flag).
However, for curiousity's sake, I uninstalled the whitelist plugin and removed the manual edits in config.xml and it still works.
Notes:
-I don't remember all the variations I tried, but onclick couldn't access the Ionic/Angular/Cordova scope(s), so I stuck with ng-click.
-I did not / have not tried using href="..." with any of the options.
(If I remember, I'll test them and update this to reflec my results.)
So, with only the cordova-plugin-inappbrowser installed and no config.xml edits, here are my working / tested solutions:
ng-click="window.open('http://somesite.com', '_system')"
ng-click="window.open('https://google.com', '_system')"
ng-click="window.open('tel:(123) 345-4567')"
ng-click="window.open('mailto:email#example.com', '_system')"
Tested 9/20/2016 Using:
HTC One M8, android 6 ,cordova v6.3.1, cordova-plugin-inappbrowser v1.5.0, ionic v2.0.0, jdk1.8.0_101, android SDKs 21, 23, & 24 installed
what if you replace "true" with "yes"... I use this in my app and it works.
<access origin="tel:*" launch-external="yes"/>
Ran into this today and noticed something that affected mailto, but not tel, links:
In addition to adding the intent to the cordova config as described by dave's answer
<allow-intent href="mailto:*" />
I also had to allow mailto links in the csp header of my page
<meta http-equiv="Content-Security-Policy" content="default-src 'self' mailto:*">
Didn't see any documentation around this behaviour of CSP headers.
Just in addition to use Cordova's WhiteListPlugin ;
It worked for me in this way:
in config.xml
<access origin="*"/>
<access origin="mailto:*" launch-external="true" />
<allow-intent href="mailto:*" launch-external="yes"/>
And specially for ios add :
<platform name="ios">
<allow-navigation href="mailto:*" launch-external="yes"/>
...
<platform name="ios">
Altering Cordova's WhiteListPlugin in config.xml did not work for me -- <access >,`. I tried many combinations, including those above. Doesn't mean these won't work necessarily, just for my setup it doesn't. (Building for Browser, Android, and iOS)
However, using the Cordova InAppBrowser Plugin worked:
As mentioned above, use the inAppBrowser plugin and set the target to _system.
This by passes the issues I was seeing in iOS with unsupported url, and launches the native systems web browser (i.e., Does not rely on WhiteListPlugin to allow the URL call).
Hope this helps.
Cordova version 6.3.1.
I'm making an application using jQuery Mobile and Phonegap Build. The jQuery Mobile javascript code works fine, however the phonegap javascript code doesn't seems to be working. The application it's using a multiple html template, and I made the login the index file of the application.
I'm using phonegap version 3.1.0 (current default for build service)
I'm adding the following lines in the config.xml file:
<gap:plugin name="org.apache.cordova.device" />
<gap:plugin name="org.apache.cordova.file" />
Then, at index.html, I'm adding the following scripts at the header:
<script src="phonegap.js"></script>
<script src="js/settings_page.js"></script>
<script src="js/jquery-2.0.3.min.js"></script>
<script src="js/jquery-mobile-events.js"></script>
<script src="js/jquery.mobile-1.4.1.min.js"></script>
The settings_page file includes some basic phonegap API interaction, which writes some default values in local storage in case they're not set:
console.log('added');
document.addEventListener('deviceready', deviceReady, false);
function deviceReady() {
console.log('called');
var application_settings = window.localStorage;
//if no settings have been created, create them
if (application_settings('defaults') === null) {
application_settings.setItem('defaults', 'true');
application_settings.setItem('type', 'all');
application_settings.setItem('sport', 'all');
application_settings.setItem('customer', 'all');
application_settings.setItem('order', 'date');
application_settings.setItem('refresh', 'never');
console.log('defaults set');
}
}
Using ripple emulator I can see the 'added' comment in the console log, however never reaches the 'called' one, and if I run the application and use weinre to debug it, none of the console logs registers.
In both cases none of the keys are being generated, but I'm not getting any errors either, am I missing something? I changed the features to plugins as suggested in here PhoneGap 3.1 Build Device Is Not Defined and here http://www.raymondcamden.com/index.cfm/2013/10/1/PhoneGap-Build-and-PhoneGap-30 but it's still not working, any help is highly appreciated
You need to run on your actual device or simulator. Run on ripple chrome extension won't help you.
Adding following line help me... I have done all tries but nothing helped me so finally I went through http://docs.build.phonegap.com/en_US/#googtrans(en) Configurations block..
<plugin name="cordova-plugin-whitelist" version="1"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
<platform name="android">
<allow-intent href="market:*"/>
</platform>
<platform name="ios">
<allow-intent href="itms:*"/>
<allow-intent href="itms-apps:*"/>
</platform>
Ok after hours of debugging and testing I solved the issue, I think this can be helpful for future references to any other phonegap build users so I'm gonna list step by step guide on what I did in here. I don't know if this is the best approach though, so I'd really appreciate some feedback on things that can be improved :)
To make jQuery work with Phonegap Build and Phonegap API you need to do the following in your application's index:
Please note the API calls won't run in the emulator, you need a real device to check this out. (Thanks #Dato' Mohammad Nurdin for this valuable information)
Add a reference to the phonegap script <script src="phonegap.js"></script> ideally this can be your first script reference, it doesn't requires any library to work and you don't need to have the library itself, phonegap build will add it once it compiles the code.
Add jQuery reference (in case you need it, since I was working with jQuery Mobile I'll need it)
Device ready will take place in your index file when you'll next add the event listener, adding this in other scripts will cause some issues with the device ready event. But if you need to check the device ready status in other scripts, you can add a global variable available for all of the scripts bellow, if you don't know how you can create a script with a variable, this will make it available for all the scripts referenced after this one. Example: <script>var phonegap_ready = false</script>
add a script with your event listener
document.addEventListener("deviceready", onDeviceReady, false);
function onDeviceReady() {
phonegap_ready = true;
}
Add the source of jQuery Mobile and your js events and code files.
As a side note, checking for device ready while working with jQuery Mobile it's just a standard, after some test I ran, phonegap device ready fires way more faster than jQuery pageshow event (which makes sense considering all of the DOM manipulation jqm page events do) however I still recommend it just as a caution.
Once in your code you can use the deffered call $.when() to check asynchronously to not execute the phonegap calls until the phonegap framework is fully operational. As an example using the previously global variable created:
$(document).on('pageshow', '#login_page', function (parent_event) {
//do jQuery Mobile event handlings here
$.when(phonegap_ready === true).then(function () {
phonegapApiFunctionsCall();
});
});
If the features or plugins (calls to phonegap API are performed as features before Phonegap Build 3.0, and as of Phonegap Build 3.0 these were replaced for plugins) you'll be able to run the API commands from the phonegapApiFunctionsCall() and will avoid the initialization issues between phonegap deviceready event and jQuery Mobile page initialization events.