whitelist

What is the state of whitelisting in phonegap 1.3.0?

The whitelist is present on both iOS and Android, but not other platforms yet. Under iOS, it goes under the name of “External Hosts,” which is explained here: http://wiki.phonegap.com/w/page/41631150/PhoneGap%20for%20iOS%20FAQ Q. Links to and imported files from external hosts don’t load? A. The latest code has the new white-list feature. If you are referencing external hosts, … Read more

Allow user submitted HTML in PHP

HTML Purifier is a standards-compliant HTML filter library written in PHP. HTML Purifier will not only remove all malicious code (better known as XSS) with a thoroughly audited, secure yet permissive whitelist, it will also make sure your documents are standards compliant, something only achievable with a comprehensive knowledge of W3C’s specifications.

Error: Whitelist rejection in Phonegap

Notice: This answer only applies for PhoneGap version 1.x and below. From version 2.x onwards, whitelist configuration is done via cordova.xml. You have to add allowed URLs into PhoneGap.plist’s (or Cordova.plist) ExternalHosts array. For example, if you want to allow access to this URL http://www.myhost.com/path/file, then add www.myhost.com as a new entry to ExternalHosts array. … Read more

“No Content-Security-Policy meta tag found.” error in my phonegap application

After adding the cordova-plugin-whitelist, you must tell your application to allow access all the web-page links or specific links, if you want to keep it specific. You can simply add this to your config.xml, which can be found in your application’s root directory: Recommended in the documentation: <allow-navigation href=”http://example.com/*” /> or: <allow-navigation href=”http://*/*” /> From … Read more