07-25-2013 08:58 AM
I had added this as a comment to the blog post, but in the README for the Facebook OAUTH 2.0 Sample, you have following note. So how should we implement that without disabling websecurity? We are trying to deploy our app using the internal BES Server, and some users have reported having issue related to this.
Note: While we need to disable web security in order to read the location of our childWindow object, it's recommended that you don't do this in your apps unless absolutely necessary.
07-25-2013 09:04 AM
It's generally a lot easier to just disable web security, but that practice scares some people. If it's not a good option for where you're at, the other option would be to whitelist each domain your app needs to access via the <access> element.
07-25-2013 09:09 AM
Thank you, Chad, for quick response. So is there anything else I need to do other than adding the access uri and the two features tag listed there?
I had tried that on the simulator, but the childWindow won't close after authenticating, so I was wondering if I missed something.
07-25-2013 09:13 AM
07-25-2013 09:55 AM
I just tried access uri out with all the domains included, but unfortunatley, I am getting following error:
Any idea how to resolve this?
Also, I was wondering if you can clear up one point. Is it really the case that the signed package cannot have websecurity disabled? Based on the error report from the users and based on this documentation, this seems to be the case, but I just want to confirm that this is the source of the initial error.
07-25-2013 10:00 AM
Yes, you can have web security disabled completely.
If you're running into issues like this, I would just disable web security entirely in the config.xml. It can be tricky with some services to whitelist all of the domains separately, and then hoping that the service's domain doesn't change in the future and break compatibility with your app.
a week ago
I upgraded today to webworks sdk 2 beta and my app is full with errors now, in debug modes i see:
a week ago
I converted the OAuth sample over for the new WebWorks. Can you take a look at the new sample? There are a few changes, but overall pretty minimal.