Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

Web and WebWorks Development


Thank you for visiting the BlackBerry Support Community Forums.

BlackBerry will be closing the BlackBerry Support Community Forums Device Forums on April 1st (Developers, see below)

BlackBerry remains committed to providing excellent customer support to our customers. We are delighted to direct you to the CrackBerry Forums, a well-established and thorough support channel, for continued BlackBerry support. Please visit http://forums.crackberry.com or http://crackberry.com/ask. You can also continue to visit BlackBerry Support or the BlackBerry Knowledge Base for official support options available for your BlackBerry Smartphone.

"When we launched CrackBerry.com 10 years ago, we set out to make it a fun and useful destination where BlackBerry Smartphone owners could share their excitement and learn to unleash the full potential of their BlackBerry. A decade later, the CrackBerry community is as active and passionate as ever and I know our knowledgeable members and volunteers will be excited to welcome and assist more BlackBerry owners with their questions."

- Kevin Michaluk, Founder, CrackBerry.com

Developers, for more information about the BlackBerry Developer Community please review Join the Conversation on the BlackBerry Developer Community Forums found on Inside BlackBerry.


Reply
New Contributor
Posts: 2
Registered: ‎05-12-2011
My Device: Bold
My Carrier: Verizon

Access URI Wildcard - Security Risk

What, if any, are the security implications of setting your application to have access uri="*" in the config.xml? I realize this means any domains that fall into the wildcard can't access the application API's - but is there any other issue this could cause from a security point of view? Thank you!
Developer
Posts: 60
Registered: ‎06-08-2011
My Device: n/a
My Carrier: n/a

Re: Access URI Wildcard - Security Risk

I know this thread is out of date. Did you ever get a response?

Retired
Posts: 856
Registered: ‎07-15-2008
My Device: Passport
My Carrier: Bell

Re: Access URI Wildcard - Security Risk

There is relatively little security risk here, as you can't expose the WebWorks apis to the wildcard. It's more of a design decision than a security one, as the question should be asked: "do you really need access to the entire internet in your app?". In some cases yes you definitely do. In other cases, you may be opening up your application to unpredictable sites which are not formatted or designed for the use you are putting them, and a resulting poor experience for your users.

Tim Windsor
Open Source Technical Lead