Enable whitelisting support for embedded content #118

nukulb opened this Issue Jun 20, 2012 · 4 comments


None yet

3 participants


All api's are available to embedded content, regardless of config.xml

App is a local index.html with app api's whitelisted, embedded iframe
with no api's allowed (think of an rss reader app)

The embedded content has access to any api the app has.

@kwallis - fill in the details on what you want the behavior to be for remote url vs. local url

Open Source Projects member

different domains is a better question.

Here is the problem, there is no way to find out from that if a NetworkResourceRequest came from an iFrame or original page. So I will be opening a PR.

Open Source Projects member


cc @jeffheifetz


Not yet

@sleroux sleroux added a commit to blackberry-webworks/BB10-WebWorks-Framework that referenced this issue Oct 31, 2012
@sleroux sleroux Fixes blackberry/BB10-WebWorks-Framework#118
Changes a webview's requests to use the referrer from the
NetworkResourceRequestedEvent instead of originalLocation.

Reviewed By: Jeffrey Heifetz <jheifetz@rim.com>
Tested By: Igor Shneur <ishneur@rim.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment