Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Cordova url's and image src has 'unsafe' infront of url in Windows

Tags:

angularjs

windows-10

cordova

I'm working on a Cordova application with Angular and I'm struggeling on something for Windows.

I'm trying something like this:

<img ng-src="{{dataDirectory + buildingPhoto.FilenamePhoto}}" class="full-width">

dataDirectory = "ms-appdata:///local"
buildingPhoto.FilenamePhoto = "VOL-00122kaftfoto_thumb.png"

But this only results in a broken image with this code:

<img class="full-width" src="unsafe:ms-appdata:///local/VOL-00122kaftfoto_thumb.png" ng-src="ms-appdata:///local/VOL-00122kaftfoto_thumb.png">

I figured the unsafe means the prefix is seen as insecure and it needs to be whitelisted, thus I added this in my app.js:

.config(['$compileProvider', function($compileProvider) {

    $compileProvider.aHrefSanitizationWhitelist(/^\s*(https?|ftp|mailto|file|ghttps?|ms-appx|ms-appdata|x-wmapp0):/);
    $compileProvider.imgSrcSanitizationWhitelist(/^\s*(https?|ftp|file|ms-appx|ms-appdata|x-wmapp0):|data:image\//);
}])

I also added this meta tag inside my index.html:

<meta http-equiv="Content-Security-Policy" content="ms-appdata *; default-src *; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'" />

But it's not working, so I'm kinda stuck here and hope somebody can push me in the right direction.

like image 345
Jordec Avatar asked Jan 26 '26 07:01

Jordec

2 Answers

Image src whitelisting using the following code fixes the issue: 

$compileProvider.imgSrcSanitizationWhitelist(/^\s*(https?|ftp|file|content|blob‌​|ms-appx|ms-appdata|x-wmapp0|unsafe|local):|data:image\//);

Also ensure that $compileProvider is not getting overridden anywhere else after the initial setting in app.js which actually resulted in the issue for Joris.

like image 77
Gandhi Avatar answered Jan 28 '26 21:01

Gandhi

After searching for days I finally found the solution to my problem.
Everything I was doing was correct. The only problem was that I was applying all of this in my app.js, while in my router.js everything got overridden by different code.

Lesson: always check if the angular app has configurations in other files before applying a patch

like image 26
Jordec Avatar answered Jan 28 '26 20:01

Jordec
Sign in to Comment

Related questions

success function is not working angular

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!