Software Archive
Read-only legacy content
17061 Discussions

Error - Request was denied for Security

Jamie_C_
Novice
‎05-11-2017 10:53 PM
2,299 Views
Solved Jump to solution

Hi Guys

I am having an issue with my app once its built and deployed onto a physical device. All the AJAX calls work fine in the emulator and app preview but I am getting the "Request was denied for Security" error. Its starting to drive me slightly insane! So any help would be greatfully received...

I've got all these included:

<access origin="*"/>
<allow-intent href="http://*/*"/>
<allow-intent href="https://*/*"/>
<allow-intent href="tel:*"/>
<allow-intent href="sms:*"/>
<allow-intent href="mailto:*"/>
<allow-intent href="geo:*"/>
<allow-intent href="market:*"/>
<allow-intent href="*"/>
<allow-navigation href="https://*/*"/>
<allow-navigation href="http://*/*"/>
<allow-navigation href="data:*"/>
<allow-navigation href="*"/>

I've also tried this CSP tag

<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-eval' data: blob: filesystem: ws: gap: file: cdvfile: https://ssl.gstatic.com *; style-src * 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; img-src * data: 'unsafe-inline'; connect-src * 'unsafe-inline'; child-src *; ">

I've got very little hair as it is, and I am quickly losing more ;)

Thank you

Jamie

0 Kudos
1 Solution
Jamie_C_
Novice
‎05-12-2017 06:04 PM
2,299 Views
Solved Jump to solution

I have managed to resolve the issue by including the plugin below:

https://github.com/danjarvis/cordova-plugin-crosswalk-certificate

Hope this helps someone else

View solution in original post

0 Kudos
Copy link

Link Copied

5 Replies
PaulF_IntelCorp
Employee
‎05-12-2017 12:42 PM
2,298 Views
Solved Jump to solution

Try removing the CSP rule from your index.html and rely only on the whitelist rules. Also, try debugging with a built app on your device, using the remote CDT technique described here > https://software.intel.com/en-us/xdk/docs/using-remote-chrome-devtools-to-debug-android-cordova-apps <

0 Kudos
Copy link
PaulF_IntelCorp
Employee
‎05-12-2017 12:43 PM
2,298 Views
Solved Jump to solution

If removing the CSP rule doesn't work, see also the CSP rule that this guy used > https://software.intel.com/en-us/forums/intel-xdk/topic/721783#comment-1901658 <

0 Kudos
Copy link
Jamie_C_
Novice
‎05-12-2017 03:53 PM
2,299 Views
Solved Jump to solution

Thanks for the reply Paul, but still having no joy. I removed the CSP, and just re-tried with the basic included whitelisting and that didn't work. So I then tried with the CSP rule from the other thread and still no joy :(

Remote debugging isn't detecting the device, lookd like some driver issues. Any other ideas?

Thanks

0 Kudos
Copy link
Jamie_C_
Novice
‎05-12-2017 04:55 PM
2,299 Views
Solved Jump to solution

Just looking into this a little bit more, but an AJAX call works to a different server ok, just not to my own API server. But the calls work ok to my API in the emulator and app preview. There arent any SSL error's the certificate looks ok.

0 Kudos
Copy link
Jamie_C_
Novice
‎05-12-2017 06:04 PM
2,300 Views
Solved Jump to solution

I have managed to resolve the issue by including the plugin below:

https://github.com/danjarvis/cordova-plugin-crosswalk-certificate

Hope this helps someone else

0 Kudos
Copy link
Reply

Community support is provided during standard business hours (Monday to Friday 7AM - 5PM PST). Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.