topic Error - Request was denied for Security in Software Archive

Error - Request was denied for Security

Jamie_C_ — Fri, 12 May 2017 05:53:49 GMT

Hi Guys

I am having an issue with my app once its built and deployed onto a physical device. All the AJAX calls work fine in the emulator and app preview but I am getting the "Request was denied for Security" error. Its starting to drive me slightly insane! So any help would be greatfully received...

I've got all these included:

<access origin="*"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
<allow-intent href="market:*"/>
<allow-intent href="*"/>
<allow-navigation href="https://*/*"/>
<allow-navigation href="http://*/*"/>
<allow-navigation href="data:*"/>
<allow-navigation href="*"/>

I've also tried this CSP tag

<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval' data: blob: filesystem: ws: gap: file: cdvfile: https://ssl.gstatic.com *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; child-src *; ">

I've got very little hair as it is, and I am quickly losing more ;)

Thank you

Jamie

Try removing the CSP rule

PaulF_IntelCorp — Fri, 12 May 2017 19:42:58 GMT

Try removing the CSP rule from your index.html and rely only on the whitelist rules. Also, try debugging with a built app on your device, using the remote CDT technique described here > https://software.intel.com/en-us/xdk/docs/using-remote-chrome-devtools-to-debug-android-cordova-apps <

If removing the CSP rule

PaulF_IntelCorp — Fri, 12 May 2017 19:43:58 GMT

If removing the CSP rule doesn't work, see also the CSP rule that this guy used > https://software.intel.com/en-us/forums/intel-xdk/topic/721783#comment-1901658 <

Thanks for the reply Paul,

Jamie_C_ — Fri, 12 May 2017 22:53:32 GMT

Thanks for the reply Paul, but still having no joy. I removed the CSP, and just re-tried with the basic included whitelisting and that didn't work. So I then tried with the CSP rule from the other thread and still no joy :(

Remote debugging isn't detecting the device, lookd like some driver issues. Any other ideas?

Thanks

Just looking into this a

Jamie_C_ — Fri, 12 May 2017 23:55:36 GMT

Just looking into this a little bit more, but an AJAX call works to a different server ok, just not to my own API server. But the calls work ok to my API in the emulator and app preview. There arent any SSL error's the certificate looks ok.

I have managed to resolve the

Jamie_C_ — Sat, 13 May 2017 01:04:09 GMT

I have managed to resolve the issue by including the plugin below:

https://github.com/danjarvis/cordova-plugin-crosswalk-certificate

Hope this helps someone else