Hi everyone, @Brian: Thanks for the info, I'll upgrade it then.
@Chris: I'll create the PR on cordova-plugin-wkwebview-engine today since it's the one I originally modified and tested, then I'll try to do the same with cordova-ios@6 once our project will be upgraded to use this version. Thank you Julien -----Original Message----- From: Bryan Ellis <er...@apache.org> Sent: December 22, 2020 11:09 PM To: dev@cordova.apache.org Subject: Re: Hello Cordova team CAUTION: This email came from outside NexJ. Do not click links or open attachments unless you recognize the sender and know the contents are safe. Hi Julian, I read that your using Monaca and building with cordova-ios@5.1.1 and also said that it is "the most recent version they give us access to for the moment." Monaca has reported that Cordova CLI 10.x and Cordova-iOS 6.x support was implemented & released on November 19th. If you do not see Cordova-iOS 6.x as a platform option, then the project's Cordova CLI version is not up-to-date. First, upgrade the project's CLI version before you can select the new iOS version. > On Dec 23, 2020, at 2:13, Chris Brody <chris.br...@gmail.com> wrote: > > Hi Julian I would recommend you consider announcing and sharing > whatever you have, in case it may help others or receive any contributions. > Thanks! > > > On Tue, Dec 22, 2020 at 11:28 AM Julien Lamure > <julien.lam...@nexjhealth.com> > wrote: > >> Hi Mathias, >> >> With this feature, we don't need to do anything on the device to be >> able to access web resources hosted on a server that uses self-signed >> certificates. >> As I said in a previous message, making the device accept or not >> untrusted certificates is controlled by a preference in the >> config.xml file. Then, the corresponding Objective-C code controlled >> by the preference intercepts the HTTPS request right when iOS >> evaluates the certificate and dynamically adds an exception so that all >> certificates get accepted. >> We configure this preference at build time so that our development >> versions can accept the self-signed certificates used by our >> developers local VMs, and it's disabled for our production builds. >> It's basically working the same way as this Oracle plugin: >> https://github.com/oracle/cordova-plugin-wkwebview-file-xhr#configura >> tion However, when I tried to use the Oracle plugin for our app, I >> never managed to make it work properly, so I ended up adding the same >> mechanics to cordova-plugin-wkwebview-engine so that it could accept >> all certificates as well. >> >> Cheers, >> Julien >> >> -----Original Message----- >> From: Scheffe, Mathias <mathias.sche...@accenture.com.INVALID> >> Sent: December 22, 2020 1:47 AM >> To: dev@cordova.apache.org >> Subject: Re: Hello Cordova team >> >> CAUTION: This email came from outside NexJ. Do not click links or >> open attachments unless you recognize the sender and know the contents are >> safe. >> >> Hi, >> >> @Julien: Can you detail your feature a bit more? >> We are also using self-signed certificates for testing. We are >> working with the Cordova standard and install our self-signed >> certificate on the testing iOS devices as trusted root certificate. >> Then everything works out of the box. Which additional features does your >> extension bring? >> >> Kind regards, >> Mathias >> >> From: Julien Lamure <julien.lam...@nexjhealth.com> >> Date: Saturday, 19. December 2020 at 00:21 >> To: dev@cordova.apache.org <dev@cordova.apache.org> >> Subject: [External] RE: Hello Cordova team This message is from an >> EXTERNAL SENDER - be CAUTIOUS, particularly with links and attachments. >> >> Hi Norman, >> >> You're right, it would totally make sense to have this directly built >> in cordova-ios@6. >> I had to add this feature to cordova-plugin-wkwebview-engine because >> we're using Monaca to build our app and cordova-ios@5.1.1 is the most >> recent version they give us access to for the moment. >> And I totally agree that allowing self-signed certificates is a big >> no-go for release builds, our automated build processes make sure >> it's only available for developer builds (accepting or refusing >> self-signed certificates is controlled by a preference in the config.xml >> file). >> I'm going to see if I can figure out how to incorporate it into >> cordova-ios@6 then, but maybe I can still also create the pull >> request for cordova-plugin-wkwebview-engine so that other Monaca >> customers like us can use it while waiting for getting access to >> cordova-ios@6. >> >> Cheers, >> Julien >> >> -----Original Message----- >> From: Norman Breau <nor...@nbsolutions.ca> >> Sent: December 18, 2020 5:49 PM >> To: dev@cordova.apache.org >> Cc: dev@cordova.apache.org >> Subject: Re: Hello Cordova team >> >> CAUTION: This email came from outside NexJ. Do not click links or >> open attachments unless you recognize the sender and know the contents are >> safe. >> >> Hi Julien, >> >> Ability to accept self-signed certificates for development builds >> sounds like a neat enhancement and I personally would give my thumbs >> up for this kind of feature. I would be hesitant to allow self-signed >> certificates for release builds. I'm wondering if this could be >> adapted to either an independent plugin or be incorporated into >> cordova-ios package. The cordova-plugin-wkwebview-engine package >> while not officially declared deprecated... will become obsolete soon >> given that it's only supported for cordova-ios <= 5.x. It's pending a >> formal vote and I think one last release for official deprecation. As >> of >> cordova-ios@6 WKWebView is built into the core platform and UIWebView >> is physically removed from the codebase. >> >> So if this could be adapted to support cordova-ios@6, I think that >> would be better in the long term. >> Kind regards, >> Norman >> On Dec 18 2020, at 6:21 pm, Julien Lamure >> <julien.lam...@nexjhealth.com> >> wrote: >>> Hello everyone, >>> >>> I'm senior DevOps engineer and team lead at NexJ Health, greetings >>> from >> Toronto, Canada. >>> We're a provider of cloud-based population health management >>> solutions >> and our platform can also be accessed from a Cordova-based mobile app >> available for Android and iOS. >>> I've been recently working on the migration to the WKWebView engine >>> for >> iOS, and I made a fork of cordova-plugin-wkwebview-engine that adds >> the ability to accept self-signed certificates. >>> I'm not an iOS developer, it was the first time I was touching some >> Objective-C code, but my patch is vastly inspired from what was done >> in Oracle's cordova-plugin-wkwebview-file-xhr. >>> We needed this feature because our developers test our mobile app >>> along >> with a server instance hosted on there workstation, and this local >> instance uses self-signed certificates. >>> >>> I was thinking of creating a pull request on the official >> cordova-plugin-wkwebview-engine to share this feature with the >> community since I could see a lot of people asking how to do it, >> please let me know if it's something that you would like me to do so. >>> Our fork is currently in one of our private repositories. >>> >>> Cheers >>> Julien >>> >> >> ________________________________ >> >> This message is for the designated recipient only and may contain >> privileged, proprietary, or otherwise confidential information. If >> you have received it in error, please notify the sender immediately >> and delete the original. Any other use of the e-mail by you is >> prohibited. Where allowed by local law, electronic communications >> with Accenture and its affiliates, including e-mail and instant >> messaging (including content), may be scanned by our systems for the >> purposes of information security and assessment of internal compliance with >> Accenture policy. Your privacy is important to us. >> Accenture uses your personal data only in compliance with data >> protection laws. For further information on how Accenture processes >> your personal data, please see our privacy statement at >> https://www.accenture.com/us-en/privacy-policy. >> >> _____________________________________________________________________ >> _________________ >> >> www.accenture.com >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org >> For additional commands, e-mail: dev-h...@cordova.apache.org >> >> --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org For additional commands, e-mail: dev-h...@cordova.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org For additional commands, e-mail: dev-h...@cordova.apache.org
