Between builds (I am unsure what changed to trigger this), an application went from the following behavior in iOS.
index.html
, and has an iframe that has many anchors in itindex.html
To:
index.html
, and has an iframe that has many anchors in itI have the latest version of cordova-plugin-inappbrowser
(1.3.0 at this time) installed, but that does not seem to be interfering with anything.
I have verified that I am still able to use JavaScript from index.html
to change attributes about anchors inside the frame, as well as to add events.
I am using the following CSP:
<meta http-equiv="Content-Security-Policy"
content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';">
I am unsure if that has something to do with it.
I've tried a number of iframe sandbox properties in an attempt to see what sticks, and none of them change outcome. Currently it's at:
<iframe id="the-iframe" sandbox="allow-scripts allow-modals allow-popups allow-popups-to-escape-sandbox allow-top-navigation allow-forms allow-same-origin"></iframe>
The src
of the iframe is set dynamically.
I have opened up a bug report on cordova to see if this is potentially a bug rather than a feature.
Why Safari doesn't allow to store cookie for iFrame? Answer: A: Answer: A: Try going to Safari/Preferences/Privacy and uncheck Prevent cross-site tracking.
I was facing this issue for a new application I'm working now, and it seems that is related with new whitelisting mode in Cordova iOS > 6. For us, I have made a workaround for allow navigation inside iframes (I can't be sure if it could generate any other problem, but for now we haven't seem anyone).
In cordova project, at Private/Plugins/CDVUIWebViewEngine/CDVIntentAndNavigationFilter.m
, we've just modified the shouldOverrideLoadWithRequest:navigationType:
method, changing the behaviour when a navigation is requested via UIWebViewNavigationTypeLinkClicked
.
With the new Cordova behaviour, in that case it stops navigation, and open it in system browser; I've commented that line ([[UIApplication sharedApplication] openURL:url];
) and modified the return, to return YES
; and with this two changes it is working as previous versions of cordova:
case UIWebViewNavigationTypeLinkClicked:
// Note that the rejection strings will *only* print if
// it's a link click (and url is not whitelisted by <allow-*>)
if ([self.allowIntentsWhitelist URLIsAllowed:url logFailure:NO]) {
// the url *is* in a <allow-intent> tag, push to the system
//[[UIApplication sharedApplication] openURL:url];
return YES;
} else {
[errorLogs addObject:[NSString stringWithFormat:allowIntents_whitelistRejectionFormatString, [url absoluteString]]];
}
I think that this behaviour should be configurable from config.xml parameter, but for us this workaround is enough right now.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With