[
https://issues.apache.org/jira/browse/CB-1947?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13506023#comment-13506023
]
Joe Bowser commented on CB-1947:
--------------------------------
When you deploy from Eclipse, it still enforces the whitelist. However, if
you're using Self-Signed Certificates, Cordova will not load those in
production mode. This is intentional, since you should be using real
certificates if you're releasing an actual app to the market.
Is this the case with your SSL site?
> Secure whitelisted URLs not loading in Android
> ----------------------------------------------
>
> Key: CB-1947
> URL: https://issues.apache.org/jira/browse/CB-1947
> Project: Apache Cordova
> Issue Type: Bug
> Components: Android
> Affects Versions: 2.2.0
> Environment: Android 2.3 and 4.2
> Reporter: Antony Lees
> Assignee: Joe Bowser
>
> Given the config
> <access origin="http://127.0.0.1*"/> <!-- allow local pages -->
> <access origin="https://mysite.com"; subdomains="true"/>
> <access origin="http://mysite.com"; subdomains="true"/>
> I would expect both the http and https sites to load. However only the
> unsecured http URL will load, the secure https URL shows an HTML error page
> (it's an iframe)
> Even if I add
> <access origin="*"/>
> the same thing happens
> I should add that if I deploy the app straight from eclipse (ie not signing
> it) the secure URL works fine, so it is only when the whitelist is enforced
> that it doesn't seem to work
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
