问题
Between builds (I am unsure what changed to trigger this), an application went from the following behavior in iOS.
- A main webview loads
index.html, and has an iframe that has many anchors in it - Anchors would stay inside the iFrame unless otherwise manipulated and redirected with JavaScript that runs from
index.html
To:
- A main webview loads
index.html, and has an iframe that has many anchors in it - Clicking any anchor inside of the iFrame or any action that triggers a location change results in the new page being loaded in the Safari App rather than inside the iFrame
I have the latest version of cordova-plugin-inappbrowser (1.3.0 at this time) installed, but that does not seem to be interfering with anything.
I have verified that I am still able to use JavaScript from index.html to change attributes about anchors inside the frame, as well as to add events.
I am using the following CSP:
<meta http-equiv="Content-Security-Policy"
content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval';">
I am unsure if that has something to do with it.
I've tried a number of iframe sandbox properties in an attempt to see what sticks, and none of them change outcome. Currently it's at:
<iframe id="the-iframe" sandbox="allow-scripts allow-modals allow-popups allow-popups-to-escape-sandbox allow-top-navigation allow-forms allow-same-origin"></iframe>
The src of the iframe is set dynamically.
I have opened up a bug report on cordova to see if this is potentially a bug rather than a feature.
回答1:
I was facing this issue for a new application I'm working now, and it seems that is related with new whitelisting mode in Cordova iOS > 6. For us, I have made a workaround for allow navigation inside iframes (I can't be sure if it could generate any other problem, but for now we haven't seem anyone).
In cordova project, at Private/Plugins/CDVUIWebViewEngine/CDVIntentAndNavigationFilter.m, we've just modified the shouldOverrideLoadWithRequest:navigationType: method, changing the behaviour when a navigation is requested via UIWebViewNavigationTypeLinkClicked.
With the new Cordova behaviour, in that case it stops navigation, and open it in system browser; I've commented that line ([[UIApplication sharedApplication] openURL:url]; ) and modified the return, to return YES; and with this two changes it is working as previous versions of cordova:
case UIWebViewNavigationTypeLinkClicked:
// Note that the rejection strings will *only* print if
// it's a link click (and url is not whitelisted by <allow-*>)
if ([self.allowIntentsWhitelist URLIsAllowed:url logFailure:NO]) {
// the url *is* in a <allow-intent> tag, push to the system
//[[UIApplication sharedApplication] openURL:url];
return YES;
} else {
[errorLogs addObject:[NSString stringWithFormat:allowIntents_whitelistRejectionFormatString, [url absoluteString]]];
}
I think that this behaviour should be configurable from config.xml parameter, but for us this workaround is enough right now.
来源:https://stackoverflow.com/questions/36572869/why-are-links-inside-an-iframe-opening-in-system-safari