Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
WKWebView - http://localhost same origin policy
See original GitHub issueWith ionic capacitor the used webview is fixed to WKWebView. This leads to the fact that the App is served internally via http://localhost if i understood this right. We did face some CORS issues, but so far we were able to solve them by configuring the servers which were owned or using JSONP API in case of the external Instagram API that was being used.
But we are facing now some issues regarding Google Ads, they get integrated via dynamic iframes, until now this wasn’t an issue. The iframes created by the ads seem to have some workarounds regarding Same Origin Policy (SOP). But lately a lot of the shown ads had shown some SOP error messages and the ads couldn’t be displayed correctly anymore.
Blocked a frame with origin "http://localhost:8237" from accessing a frame with origin "http://tpc.googlesyndication.com". Protocols, domains, and ports must match.
Are there some workarounds or configurations using the WKWebView that can be used to allow those iframes and requests? Or could it be possible to get rid of the localhost origin serving?
Some interesting WKWebView options regarding this topic that some one did point out: https://stackoverflow.com/questions/36013645/setting-disable-web-security-and-allow-file-access-from-files-in-ios-wkwebvi
Issue Analytics
- State:
- Created 5 years ago
- Reactions:1
- Comments:10 (4 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
I checked with the latest beta.13 and this is still problem on both iOS and Android. I noticed that on iOS the scheme to load the app resources is capacitor://localhost but on Android this is still http://localhost.
On Android the CORS error is as follows:
Access to XMLHttpRequest at '<API_URL>' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.Thanks for the issue! This issue is being locked to prevent comments that are not relevant to the original issue. If this is still an issue with the latest version of Capacitor, please create a new issue and ensure the template is fully filled out.