Event Generation Causes CSP Violation for Android

[nusculus]

For Android, this plugin calls appView.sendJavascript() which is a deprecated method. In turn, that method causes a CSP (Content-Security-Policy) violation unless 'unsafe-eval' is used in the policy rules. Updating the generation of the event would be helpful since I am trying to implement good security, plus that sendJavascript() call must eventually go away. I have not looked at iOS.

[sebasi]

I am having the same issue. Is there any update on this?

[dcousens]

This is still the case. Any fix for this? I'm unable to compromise on the CSP so this is a blocker on my ability to use this plugin right now :(

[dcousens]

Seems to have been a fix for sendJavascript, though I'm still seeing errors. Will report back.

[dcousens]

Ah, 1.0.6 hasn't been published yet.
Ping @mlynch @adamdbradley @tlancina

[tlancina]

It should be available, Make sure to use ionic-plugin-keyboard to install
from npm, since the registry has been made read only:
https://cordova.apache.org/news/2015/09/08/CPR-readonly.html

On Wed, Sep 30, 2015 at 9:01 AM Daniel Cousens notifications@github.com
wrote:

Ah, 1.0.6 hasn't been published yet.
Ping @mlynch https://github.com/mlynch @adamdbradley
https://github.com/adamdbradley @tlancina https://github.com/tlancina

—
Reply to this email directly or view it on GitHub
#42 (comment)
.