cordova-plugin-code-push
cordova-plugin-code-push copied to clipboard
microsoft
CORS error
Description
Happen with ionic webview plugin (mandatoy for ionic apps to change server options and get the best perfomance)
Access to XMLHttpRequest at 'https://codepush.azurewebsites.net/reportStatus/deploy' from origin 'https://myapp' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
This is the error, we see that error using IONIC + CORDOVA + PLUGIN IONIC WEBVIEW https://github.com/ionic-team/cordova-plugin-ionic-webview this plugin allow to change the "serve" instead file:// you can serve with other protocols internally in the apps it's useful for example with google maps to enable domains with determinated key
The config for this plugin on config.xml (cordova based project) -->
So ... our APP call to appcenter Backend as a https://myapp but.... your CORS configuration denied that request because https://myapp is not allowed ..... imposible to coneect all domains are blocked by your CORS
I'm seeing a similar error.
Access to XMLHttpRequest at 'https://codepush.azurewebsites.net/reportStatus/deploy' from origin 'ionic://localhost' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
It seems to work for me with the Ionic engine. The updates though are gone once the app is force-closed: https://github.com/microsoft/cordova-plugin-code-push/issues/558.
PS. Confirmed that my issue is caused by CORS errors using the Ionic Engine custom scheme (the default one ionic:// or a custom one - iosapp:// in my case)
Works with this meta
<meta
http-equiv="Content-Security-Policy"
content="default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';"
/>