Is it possible to allow Cross Site Scripting (XSS) in Mobile safari?

javascript ios xcode xss hybrid
Nathan picture Nathan · Mar 15, 2012 · Viewed 9.5k times · Source

I am building a hybrid app (HTML,CSS, JS + Native iOS code), and Would like to make calls to a web service, but this is being blocked currently by the XSS Security.

What do I need to do to turn off this security feature (or more likely provide a whitelist that is allowed to connect?)

Thanks for the help!

Answer

Yusuf X picture Yusuf X · Mar 13, 2014

Yes.

You can use Cross Origin Resource Sharing, iff you're allowed to configure the server to support it, and it works on enough browsers for your needs.

Related questions

How to see the javascript errors of PhoneGap app in Xcode?

I want to debug my PhoneGap app in Xcode, but its Console can not show javascript errors.

Read More
Loading javascript into a UIWebView from resources

I need to load javascript files from my apps resources folder. As of right now, it does read images from the resources just fine, but it's not reading javascripts for some reason. I have been able to render html docs …

Read More
Detect if device is iOS

I'm wondering if it's possible to detect whether a browser is running on iOS, similar to how you can feature detect with Modernizr (although this is obviously device detection rather than feature detection). Normally I would favour feature detection instead, …

Read More