Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Web and WebWorks Development

Reply
New Developer
wx_junkie
Posts: 7
Registered: ‎08-29-2013
My Device: Q10
Accepted Solution

use XMLHttpRequest with variable server address

I have a connundrum. :smileyhappy:

 

I'm developing a WebWorks app for BB10, in which it performs XMLHttpRequest GET funcitons to send an http message to a server to report information at fixed intervals.  

 

Here's the problem: the address of the server that is receiving the GPS messages needs to be specified by the user inside the app itself, depending on their configuration (they typically set up their own host / server).

 

So I can't put any <access uri="http://www.theirserver.com" /> info in my config.html, because it's user-specified at run-time.

 

And <access uri="*" /> is not a solution, as this will still not allow requests via XMLHttpRequest.

 

Do I have any other options available to me to allow this to function as desired?  I have considered using a web proxy at a fixed address to get around the issue, but I'd rather use that as a VERY last resort.

 

Thanks very much,

 

Ray

Please use plain text.
BlackBerry Development Advisor
anzor_b
Posts: 165
Registered: ‎09-24-2012
My Device: Passport

Re: use XMLHttpRequest with variable server address

You can disable the AJAX whitelist/blacklist altogether, using the following:

 

<feature id="blackberry.app">
    <param name="websecurity" value="disable" />
</feature>

As mentioned in the documentation, this feature is intended as a development convenience only. In production, all URIs should be known and should be whitelisted using the <access>element. But for dynamic AJAX requests, I don't see any other way.

 

https://developer.blackberry.com/html5/documentation/param_element.html

Please use plain text.
New Developer
wx_junkie
Posts: 7
Registered: ‎08-29-2013
My Device: Q10

Re: use XMLHttpRequest with variable server address


anzor_b wrote:

You can disable the AJAX whitelist/blacklist altogether, using the following:

 

<feature id="blackberry.app">
    <param name="websecurity" value="disable" />
</feature>

As mentioned in the documentation, this feature is intended as a development convenience only. In production, all URIs should be known and should be whitelisted using the <access>element. But for dynamic AJAX requests, I don't see any other way.

 

https://developer.blackberry.com/html5/documentation/param_element.html


Thank you.  I'm hoping this won't immediately render my app "rejectable" once submitted to BlackBerry World for approval....

 

Ray

Please use plain text.