Enable whitelisting support for embedded content #118

Open
nukulb opened this Issue Jun 20, 2012 · 4 comments

Projects

None yet

3 participants

@nukulb

All api's are available to embedded content, regardless of config.xml

App is a local index.html with app api's whitelisted, embedded iframe
with no api's allowed (think of an rss reader app)

The embedded content has access to any api the app has.

Expected:
@kwallis - fill in the details on what you want the behavior to be for remote url vs. local url

@kwallis
Open Source Projects member
@nukulb

different domains is a better question.

Here is the problem, there is no way to find out from that if a NetworkResourceRequest came from an iFrame or original page. So I will be opening a PR.

@kwallis
Open Source Projects member

Fixed?

cc @jeffheifetz

@jeffheifetz

Not yet

@sleroux sleroux added a commit to blackberry-webworks/BB10-WebWorks-Framework that referenced this issue Oct 31, 2012
@sleroux sleroux Fixes blackberry/BB10-WebWorks-Framework#118
Changes a webview's requests to use the referrer from the
NetworkResourceRequestedEvent instead of originalLocation.

Reviewed By: Jeffrey Heifetz <jheifetz@rim.com>
Tested By: Igor Shneur <ishneur@rim.com>
2aeffdf
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment