Welcome!

Welcome to the Official BlackBerry Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Web and WebWorks Development

Reply
Topic Options
New Developer
New Developer
UserNeo
Posts: 68
Registered: ‎10-23-2008

Permission issues with HTTPS connections

Options

‎03-07-2013 11:18 AM

Hi,

 

i develop a little WebWorks app for BB10 with connections over HTTPS. 

My config.xml looks like this:

 

<widget xmlns="http://www.w3.org/ns/widgets"
        xmlns:rim="http://www.blackberry.com/ns/widgets"
        version="1.0.0"
        id="UploadTest">
    <name>UploadTest</name>
    <content src="index.html"/>
    <author>UploadTest</author>
	
	<access uri="*" />
	<feature id="blackberry.io.filetransfer">
        <param name="websecurity" value="disable" />
    </feature>	
	<feature id="blackberry.io">
        <param name="websecurity" value="disable" />
    </feature>
</widget>

 I try now a jquery ajax query on https://myurl.com appear in my simulator (Dev Alpha BB10_0_10.261) and Dev Alpha device following message

Access to "https://myurl.com/api.php?Email=mail@mail.mail&Password=pwd"" not allowed

 What am i doing wrong?

 

cu

UserNeo

Report Inappropriate Content
Message 1 of 3 (246 Views)
Reply
0 Likes
Please use plain text.
 
BlackBerry Development Advisor
BlackBerry Development Advisor
erikjohnzon
Posts: 232
Registered: ‎09-21-2012
My Carrier: Virgin

Re: Permission issues with HTTPS connections

Options

‎03-07-2013 01:42 PM

The whitelisting rules can be strange. Have you tried adding an access tag for the specific url. I can see that you have turned off websecurity. But give it a shot anyways.

 

<access uri="myurls.com" subdomains="true" />

 

@erikjohnzon
erjohnson@blackberry.com
Report Inappropriate Content
Message 2 of 3 (235 Views)
Reply
0 Likes
Please use plain text.
 
Developer
Developer
peardox
Posts: 696
Registered: ‎03-20-2011
My Carrier: 3, Orange, Vodafone

Re: Permission issues with HTTPS connections

Options

‎03-10-2013 04:03 PM

It's called whilelisting

 

What this means is exactly as it sounds

 

You whitelist a single domain

 

e.g.

 

<access domain="www.nobody.com">

</access>

 

INSIDE the access stuff you tell it what it can do

 

The disable web secirity is an override that allows you to ignore such settings but unless you have a VERY good reason to do so is a REALLY bad idea as it appears to the user that they might get a virus or summat

 

 



Click the like button if you find my posts useful!
Report Inappropriate Content
Message 3 of 3 (213 Views)
Reply
0 Likes
Please use plain text.