I am developing Android phonegap application with jquery.mobile-1.4.3.js and cordova.3.5.0.
i am calling $ajax for web service. below is a code snippet.
<
eg: header('Access-Control-Allow-Origin: *');
ensure "ModSecurity" is disabled on your server (if you have cPanel access you should be able to do that via cPanel / Security or something like that)
ensure you have the cordova whitelist plugin installed (use the "legacy" plugin for cordova pre v5.0.0):
$ cordova plugin add cordova-plugin-legacy-whitelist
setup a very open whitelist in your cordova config.xml:
setup a Content Security Policy in your index.html:
This makes everything WIDE open, whereas the point of cross-origin-domains, whitelisted URL request, and content security policies is to restrict cross-domain access. I'll leave it as an exercise to research and restrict the security down, after you get the thing working.
I hope this helps.
References:
https://github.com/apache/cordova-plugin-whitelist#content-security-policy https://cordova.apache.org/announcements/2015/04/21/plugins-release-and-move-to-npm.html http://content-security-policy.com/