pcwSlide
commented
6 months ago ok - so I see this issue around.
Turns out if you use this <content src="http://localhost/index.html" /> in the config.xml file - as well as cleartext - it works. Sadly it breaks the Browser platform.
The cleartext directive used to work..
Question: is this a bug due to a change in Chrome? If so, should code below deal with that issue?
<platform name="android">
<edit-config file="app/src/main/AndroidManifest.xml" mode="merge" target="/manifest/application">
<application android:usesCleartextTraffic="true" />
</edit-config>
</platform>
breautek
Hi, I have a simple cordova app with a link to a Express server route with a simple jason return.
This works in the Browser Platform so this should cover the Emulator/Phone setup as well - I have a open cors app and an open context-security header - however both Emulator/Phone don't get to the route - only browser because I assume, the Browser platform loads the index file as http by default- this I can see.
After some extended research adb tells me: "the page at 'https://localhost/index.html' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'http://192.168.1.7:3000/getResponse'. This request has been blocked; the content must be served over HTTPS.""
So the emulator is loading the page as https and this is why the link fails. I have clear text enabled - this always used to work. Why is the emulator/Chrome not not responding to this instruction?
I tried "upgrade-insecure-requests" in content..
Have you guys seen this? I know I should use https - this is not the point.
This has been working for ages but now - I think in the last few months - changed?
Appreciate any help..