I have been testing my app using ionic serve while developing and everything is working fine. I am now trying to export the apk using ionic build android, then storing the file 'android-debug.apk' on my web server and downloading it via a phone's browser and installing it to test it in the real world.
The app installs OK, but won't let me make any $http requests. I have installed the plugin cordova-plugin-whitelist, and also added the following to my config.xml file:
<plugin name="cordova-plugin-whitelist" spec="1" />
<access origin="*" />
<allow-navigation href="*" />
<allow-intent href="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
As well as that, I have added this into my main index.html file:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
Can someone tell me why the requests are still failing please?
I have tested on 2 different servers, both have CORS enabled and this has been verified using Postman.
Thanks for any help
Edit:
My $http request looks like this:
$http.get('http://url.com/request').then(function(res) {
console.log('success');
console.log(res);
}, function(res) {
console.log('error');
console.log(res);
});
After enabling remote chrome debugging, I get an error alert, following by an object which has:
data: null,
status: 0,
statusText: ""
Looks like I needed to add:
<uses-permission android:name="android.permission.INTERNET" />
into platforms/android/AndroidManifest.xml. Working OK now!
Related
Im trying to create a angular app using Alfresco adf components (https://github.com/Alfresco/alfresco-ng2-components) and need to have a mobile app too, so i decide use cordova to generate apk.
I follow the following tutorial (https://medium.com/#nacojohn/convert-your-angular-project-to-mobile-app-using-cordova-f0384a7711a6) to generate my apk.
All seems to works fine, apk was generated and install in BlueStack, until i have to make login in my app.
Origin is not allowed by access-control-allow-origin
I know that i need to have a whitelist policy for navigating the application webview
config.xml
<?xml version='1.0' encoding='utf-8'?>
<widget id="com.example.hello" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>HelloWorld</name>
<description>
A sample Apache Cordova application that responds to the deviceready event.
</description>
<author email="dev#cordova.apache.org" href="http://cordova.io">
Apache Cordova Team
</author>
<content src="index.html" />
<access origin="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<allow-navigation href="*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
<plugin name="cordova-plugin-device" spec="^2.0.2" />
<plugin name="cordova-plugin-whitelist" spec="^1.3.3" />
<engine name="android" spec="^7.0.0" />
<engine name="ios" spec="^4.5.4" />
</widget>
index.html
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'"
My angular web app have a dev-server proxy to fix the CORS problem
proxy.conf.json
{
"/alfresco": {
"target": "server-url",
"secure": false,
"changeOrigin": true
},
"/activiti-app": {
"target": "another-server-url",
"secure": false,
"changeOrigin": true
}
}
I dont know what i need to do more. Have i made something wrong? need to do something more?
Thanks
I think you should enable CORS in the Alfresco server, you can achieve that either by:
Including this dependency in you Alfresco extension.
Or by enabling CORS directly in the Tomcat server, full details can be found in the Tomcat documentation.
you have to enable CORS for details see Getting Started with Alfresco Application Development Framework
My problem was lack of configuration in app.config.json.
Instead of
"ecmHost": "http://{hostname}{:port}",
"bpmHost": "http://{hostname}{:port}"
I just need to set ecmHost and bpmHost to my servers and all works fine.
Thanks for helping guys
ajax.post works great in the browser but doesn't work on the real android device(and I don't know how I can see the error because I have left browser environment).
I think I have a problem with Internet permission or origin restriction. I have read about ManifestAndroid.xml but I can't find it in my project.(no such file)
How can I fix this? Thanks in advance
Here is my config.xml:
<access origin="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
Here is index.html restrictions:
<access origin="http://example.com" />
<meta http-equiv="Content-Security-Policy"
content="default-src * 'self' 'unsafe-inline' data: gap: 'unsafe-eval';
style-src * 'self' 'unsafe-inline';
connect-src * ;
script-src * 'self' 'unsafe-inline';
media-src *">
I had this problem with my Angular 2 App, the things I did are follows:
1) When you load Android Studio, you can select File->Profile APK to debug/run you APK, then you can look at the logcat to see any error messages.
2) Add the allow-navigation tag in config.xml
You need to add the Whitelist plugin to the plugin section of the config
3) What is the URL that you are making the request to? My big problem was that I was using relative URLs and because my Web App is on the device not the server, my relative path was pointing to file protocol file:// not http://.
So I would recommend making sure the URLs are absolute, ie http://, overwise your app could be doing a post to the file system not that's why it's failing
I'm developing a Cordova app for android, and I have a strange issue about jquery ajax calls: the debug build have no problem, while in the release one each ajax call fails with an error. If I run on device using USB everything is fine. If I compile the app in debug mode, copy and install it on the device, everything is fine.
If I compile the app in release mode and sign it for release using jarsigner and zipalign, and copy and install it on the device, the same ajax call fail with readyState 0, responseText empty, status 0 and statusText "error".
I spent a week searching and trying all the similar problems found on stackoverflow and google, but nothing changed.
This thread subject is similar, but my SSL certificate seems to be ok and there's no other solutions provided:
Ajax calls fail when running Android Cordova app in Release mode
Cordova version is 6.5 (but I had the issue in the 6.4 too).
This is the ajax call in the app:
glang = window.localStorage.getItem('glang');
show_loader();
$.support.cors=true;
$.ajax({
url: "https://app.laureatedesign.com/wp-content/plugins/designnews/ajax_langs.php",
data: "act=aj_app_lng_lst&lang="+glang+"&xend=x",
type: "POST",
dataType: "json",
timeout: 10000,
success: function(results) {
if (results["TYPE"]=="OK") {
$('#main').html(results["CONTENT"]);
$('#main').imagesLoaded( { },
function() {
show_content();
}
);
}
if (results["TYPE"]=="ERR") {
show_error();
}
},
error: function(XMLHttpRequest, status) {
console.log(status);
switch(status) {
default:
show_error();
break;
case "timeout":
show_error();
break;
}
}
});
By all means the ajax file ajax_langs.php on server can be simplified as follows:
<?php
$res = array("TYPE"=>"OK", "CONTENT"=>"Test");
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
echo json_encode($res);
?>
This is my config.xml:
<?xml version='1.0' encoding='utf-8'?>
<widget id="com.naba.designnews" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>APPTITLE</name>
<description>
DESCRIPTION
</description>
<author email="EMAIL" href="WEBSITE">
AUTHOR
</author>
<content src="index.html" />
<plugin name="cordova-plugin-whitelist" spec="1" />
<plugin name="InAppBrowser" value="org.apache.cordova.InAppBrowser" />
<plugin name="InAppBrowser" value="CDVInAppBrowser" />
<allow-navigation href="*" />
<allow-navigation href="*://*youtube.com" />
<access origin="*" />
<access origin=".*" />
<access origin="*.pushwoosh.com" />
<access origin="http://*" />
<access origin="https://*" />
<access origin="https://laureatedesign.com" subdomains="true" />
<allow-intent href="http://*" />
<allow-intent href="https://*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<preference name="windows-target-version" value="10.0" />
<preference name="StatusBarOverlaysWebView" value="false" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
</widget>
I added the whitelist-plugin.
In index.html file I have this meta:
<meta http-equiv="Content-Security-Policy" content="default-src * 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src * 'self' 'unsafe-inline'; script-src * 'self' 'unsafe-inline'; connect-src * https: http:">
I tried also to remove android platform and add it again. No changes.
As I said in debug mode everything is fine and all ajax calls returns successfully. In order to publish the app on Google Play I am proceeding signing and creating the package as follows:
1) cordova build android --release
2) jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore "PATH-TO-APP/APP.keystore" "PATH-TO-APP/platforms/android/build/outputs/apk/android-release-unsigned.apk" designnews
3) zipalign -v 4 "PATH-TO-APP/platforms/android/build/outputs/apk/android-release-unsigned.apk" "PATH-TO-APP/platforms/android/build/outputs/apk/AppTitle.apk"
I'm aware this is a cross-domain call involving CORS and all this stuff. But why the debug version is ok while the release one is not?
Please help, thanks in advance.
i know its´s a 3 years old question but after a deep searching a found the solution and a i want to share it.
I had the same issue you report, an the solution was so simple;
1º - You need to run "cordova prepare android" to get java binaries.
2º - Open the code that output that command on Android Studio, navigate on folder manifests/AndroidManifest.xml
3º - There is a called "application", you only need to add android:usesCleartextTraffic="true"
4º - Build and sign your app, now it should run ajax without any trouble!
I have Phonegap build app for android made with html + javascript (jquery). Yesterday it was working perfectly. Today ajax calls does't perform anymore. Sample code:
$(document).ready(function(){
setTimeout(function(){
$.ajax({
url: urlPrefix + "/xxxxx",
dataType: "jsonp",
jsonpCallback: "indexCallback"
});
alert('Ajax praejo');
},2000);
});
function indexCallback(response) {
alert('callback prasideda');
}
Alert after ajax call is showing, but alert in indexCallback function not appearing. Ajax calls external back-end server. I have made loging of calls in back-end server, but no call appears.
I have tried to make timeout before ajax is calling, but no result.
I white listed all possible domains in config.xml file:
<plugin name="cordova-plugin-whitelist" version="1" />
<access origin="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
<allow-navigation href="http://*/*" />
<allow-navigation href="https://*/*" />
<allow-navigation href="data:*" />
Everything works fine when i load index.html (ajax calls to external back-end) file into desktop browser.
Any ideas ?
I had a similiar problem with my app on android devices. After days of research i found following blog post. The certificate from our cert authority(top 4 ) was part of a bug in google webview. After updating the webview and chrome on the devices everything worked again.
Test again with the deviceready listener.
http://docs.phonegap.com/en/1.0.0/phonegap_events_events.md.html
document.addEventListener("deviceready", onDeviceReady, false);
function onDeviceReady() {
setTimeout(function(){
$.ajax({
url: urlPrefix + "/xxxxx",
dataType: "jsonp",
jsonpCallback: "indexCallback"
});
alert('Ajax praejo');
},2000);
}
function indexCallback(response) {
alert('callback prasideda');
}
Check your contents meta data.
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
I have referred https://github.com/apache/cordova-plugin-whitelist and added below to my config.xml:
<plugin name="cordova-plugin-whitelist" spec="~1.3.0"/>
<access origin="*" subdomains="true"/>
<!-- A wildcard can be used to whitelist the entire network,
over HTTP and HTTPS.
*NOT RECOMMENDED* -->
<allow-navigation href="*"/>
<allow-intent href="*"/>
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
I also have the below permission in my AndroidManifest.xml:
<uses-permission android:name="android.permission.INTERNET" />
And below is the CSP declaration in the index.html:
<meta http-equiv="Content-Security-Policy"
content="default-src 'self' data: gap: https://ssl.gstatic.com; style-src 'self' 'unsafe-inline'; media-src *;script-src 'self' localhost:35729 84.254.133.91:8080 'unsafe-inline' 'unsafe-eval';connect-src *">
And the server is running # 84.254.133.91:8080
Here is the code with http post call:
var req = {
method: 'POST',
url: $rootScope.labels.IP + $rootScope.labels.USER_ID_CREATE_URL,
data: {
userId: $scope.newUserIdCreate.username,
password: $scope.newUserIdCreate.password,
}
};
var res = $http(req);
res.success(function (data, status, headers, config) {
alert("request success:" + JSON.stringify({ data: data }));
});
res.error(function (data, status, headers, config) {
alert("request failed:" + JSON.stringify({ data: data }));
});
None of the $http requests are going through. I have spent nearly 2 days and referred 'n' number of articles but still can't crack this issue.
Further, I added a href link to 'google/facebook', and I am able to access these websites from the App.
Using the web app by running 'ionic serve' works perfectly fine. From the Android apk, none of the requests are hitting the server.
What is the missing configuration?
After much investigation over several days, the issue was same as that CORS issue with Tomcat and Android Webview
Adding the CordovaOriginWrapper as mentioned in one of the answers in the above question resolved the issue.
This is tricky and the ionic documentation never talks about this behavior. Ionic documentation needs to be updated with this behavior.