Software Archive
Read-only legacy content
17065 Discussions

Error - Request was denied for Security

Jamie_C_
Novice
1,166 Views

Hi Guys

I am having an issue with my app once its built and deployed onto a physical device. All the AJAX calls work fine in the emulator and app preview but I am getting the "Request was denied for Security" error. Its starting to drive me slightly insane! So any help would be greatfully received...

I've got all these included:

<access origin="*"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
<allow-intent href="market:*"/>
<allow-intent href="*"/>
<allow-navigation href="https://*/*"/>
<allow-navigation href="http://*/*"/>
<allow-navigation href="data:*"/>
<allow-navigation href="*"/>

I've also tried this CSP tag

<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval' data: blob: filesystem: ws: gap: file: cdvfile: https://ssl.gstatic.com *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; child-src *; ">

I've got very little hair as it is, and I am quickly losing more ;)

Thank you

Jamie

0 Kudos
1 Solution
Jamie_C_
Novice
1,166 Views

I have managed to resolve the issue by including the plugin below:

https://github.com/danjarvis/cordova-plugin-crosswalk-certificate

Hope this helps someone else

View solution in original post

5 Replies
PaulF_IntelCorp
Employee
1,165 Views

Try removing the CSP rule from your index.html and rely only on the whitelist rules. Also, try debugging with a built app on your device, using the remote CDT technique described here > https://software.intel.com/en-us/xdk/docs/using-remote-chrome-devtools-to-debug-android-cordova-apps <

PaulF_IntelCorp
Employee
1,165 Views

If removing the CSP rule doesn't work, see also the CSP rule that this guy used > https://software.intel.com/en-us/forums/intel-xdk/topic/721783#comment-1901658 <

Jamie_C_
Novice
1,166 Views

Thanks for the reply Paul, but still having no joy. I removed the CSP, and just re-tried with the basic included whitelisting and that didn't work. So I then tried with the CSP rule from the other thread and still no joy :(

Remote debugging isn't detecting the device, lookd like some driver issues. Any other ideas?

Thanks

Jamie_C_
Novice
1,166 Views

Just looking into this a little bit more, but an AJAX call works to a different server ok, just not to my own API server. But the calls work ok to my API in the emulator and app preview. There arent any SSL error's the certificate looks ok.

Jamie_C_
Novice
1,167 Views

I have managed to resolve the issue by including the plugin below:

https://github.com/danjarvis/cordova-plugin-crosswalk-certificate

Hope this helps someone else

Reply