stackoom
  简体   繁体   中英

Cordova app can't connect with Dynamics NAV Web-Service (ODATA) after update to iOS 10

 原文  2016-10-20 07:59:18       javascript/ web-services/ cordova/ ios10/ content-security-policy

Question

We are developing an app with Cordova that syncs information with an ODATA Web-Service made available by a Microsoft Dynamics NAV 2013 Middle tier. Under Android there is no problem with the connection and under iOS 8 and 9 it works as well. On Devices using iOS 10 the connection does not work and returns a HTTP 400 Bad Request error. The connection has the following structure (this is test code, works on Android and iOS 8 and 9, but not on iOS 10) 

var xreq = new XMLHttpRequest();
xreq.open('GET', "http://domain:port/MIDDLETIER/OData/MobileSetupMWP?$format=json",true,username,password);
xreq.onreadystatechange = function () {
  if (xreq.readyState == 4) {
      if (xreq.status == 200) {
        alert("success");
      } else {
        alert("failure");
      }
  }
}
try {
  xreq.send();
} catch (e) {
  }

The Web-Service uses Digest as authentication and is available as a http and a https Web-Service. Both the http and https work with Android and iOS 8 and 9. Connecting to a http ODATA Web Service without authentication ( http://services.odata.org/V3/OData/OData.svc/ ) works on iOS 10 so the problem seems to be related to the authentication.

We have already included the following part in a plugin: 

<platform name="ios">
        <config-file target="*-Info.plist" parent="NSPhotoLibraryUsageDescription">
            <string>Für Bildvorschau wird die geräteeigene Fotogalerie verwendet</string>
        </config-file>
        <config-file target="*-Info.plist" parent="ITSAppUsesNonExemptEncryption">
            <false/>
        </config-file>
        <config-file target="*-Info.plist" parent="NSAppTransportSecurity">
            <dict><key>NSAllowsArbitraryLoads</key><true /></dict>
        </config-file>
    </platform>

This is the Content Security Policy we are using 

<meta http-equiv="Content-Security-Policy" content="default-src * blob: data: ws: wss: gap://ready ; style-src 'self' 'unsafe-inline' 'unsafe-eval' * ;
    script-src 'self' 'unsafe-inline' 'unsafe-eval' * ; connect-src * 'self' 'unsafe-inline' 'unsafe-eval' data: blob: ws: wss: ; img-src * data: blob:">

Any ideas what the problem could be or what we could test?

2 answers

solution1
 0  2016-10-21 13:09:54

The problem seems to be a general one with iOS 10s handling of Digest Authentication, basically the same problem as described here: HTTP digest authentication fail due to wrong nonce-count in iOS 10

We opened a Bug with Apple.

solution2
 0 ACCPTED  2016-11-10 14:18:20

The problem was solved by Apple with the 10.2 Beta version. Connection with DIGEST Web Services is possible again.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Suddenly can not connect to web services in Cordova app Unable to call web-service from angularjs app Can't connect to web service by JQuery Web-Service invoke with JavaScript Update web service / JSON data periodically for iOS app Can't run javascript after redirecting to another page in cordova app Can't connect to web service in Java due to CORS Passing data to a json/php web-service Ajax get request to wsdl web-service How can I display/get data in a request from a web-service using Express.JS?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM