Hi Junwei,
Have you had a chance to look at this issue with accessing insecure content
from a secure page?
At this stage this is the main issue that is blocking us from releasing our
Android app.
So if you get a chance to look at this it would be much appreciated.
Thanks,
Brendan
On 9 February 2015 at 2:05:54 pm, Brendan Roche ([email protected]) wrote:
I just tried adding this command line option as you suggested myself and
unfortunately I’m still receiving the same error too.
Thanks very much for continuing to investigate.
--
Brendan Roche
Sent with Airmail
On 9 February 2015 at 12:13:49 pm, Fu, Junwei ([email protected]) wrote:
Hi,
We need use a custom command-line by adding a text file called
xwalk-command-line(no suffix) to the assets/ directory of your android apk
package. This files should contain a single line, representing the xwalk
command line to run; in this case, the line would be:
Xwalk --allow-running-insecure-content
But there was no effect now, I am investigate it.
From: Brendan Roche [mailto:[email protected]]
Sent: Monday, February 09, 2015 7:37 AM
To: [email protected]; Fu, Junwei
Subject: RE: [Crosswalk-help] Blocked request for loading HTTP from HTTPS page
Hi guys,
Is there any other ideas for how I can get around this mixed content issue
using the XWalk webview?
Using a standard android webview and prior to API v21 all mixed content was
allowed, and from v21 mixed content is blocked by default and can be enabled
with WebSettings::setMixedContentMode
http://developer.android.com/reference/android/webkit/WebSettings.html#setMixedContentMode(int)
Though I haven’t been able to find the equivalent setting for the XWalk webview
On 6 February 2015 at 4:06:28 pm, Brendan Roche ([email protected]) wrote:
I don’t have any code samples I can share, but a simple example would be to
setup a new crosswalk cordova project that loads a secure page (with jQuery
loaded). E.g. In config.xml:
<content src="https://jquery.org/join/"; />
Then in a chrome debugging console run:
$.ajax({
url : "http://www.insecure-external-page.com";
});
And you'll see the error.
On 6 February 2015 at 2:19:10 pm, Fu, Junwei ([email protected]) wrote:
Can I reproduce this issue? Can you describe the steps or share your sample
code?
From: Brendan Roche [mailto:[email protected]]
Sent: Friday, February 06, 2015 11:13 AM
To: [email protected]; Fu, Junwei
Subject: RE: [Crosswalk-help] Blocked request for loading HTTP from HTTPS page
Hi Junwei,
Thanks for your response, I have tried changing this setting and unfortunately
it didn’t help and i still get this message.
I believe this would help with cross-origin issues, which is not quite the same
as accessing mixed content with different protocols.
Any other ideas?
On 6 February 2015 at 1:08:47 pm, Fu, Junwei ([email protected]) wrote:
Thanks for trying Crosswalk.
Could you please try to add the URL to whitelist within the app’s config.xml,
like below,
<access origin=”http://www.insecure-external-page.com” />
From: Crosswalk-help
[mailto:[email protected]] On Behalf Of
Brendan Roche
Sent: Friday, February 06, 2015 9:18 AM
To: [email protected]
Subject: [Crosswalk-help] Blocked request for loading HTTP from HTTPS page
I’m building an web based app using Cordova Crosswalk which runs from a secure
page that is performing an AJAX request to an insecure page which results in
the following error in the console:
Mixed Content: The page at 'https://my.secure-page.com' was loaded over HTTPS,
but requested an insecure XMLHttpRequest endpoint
'http://www.insecure-external-page.com'. This request has been blocked; the
content must be served over HTTPS.
So I’ve got no way to change the url I’m trying to access to a secure page. So
I just need a way of overriding this security check.
I see in the crosswalk blink project there seems to be a way to allow access to
insecure urls view setAllowDisplayOfInsecureContent(bool)
in
https://github.com/crosswalk-project/blink-crosswalk/blob/master/Source/web/WebSettingsImpl.h
But I haven’t been able to find a way to access that via the crosswalk api.
Any ideas would be much appreciated.
Thanks,
Brendan_______________________________________________
Crosswalk-help mailing list
[email protected]
https://lists.crosswalk-project.org/mailman/listinfo/crosswalk-help
