So I recently converted my cordova project to version 5.1.1. I was previously running version 3.5, so it's quite a jump. In the upgrade process, I learned that we need to start including the whitelist plugin and whitelisting our endpoints. For the sake of brevity I'm just going to use the wildcards here.
<allow-navigation href="*" />
<!-- Allow links to web pages to open in a browser -->
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<access origin="*" subdomains="true" />
Apparently the whitelist plugin also needs a content security policy meta tag set in the HTML as well like so (again, just using generics to try and get this working, I'll clean it up after):
<!-- Enable all requests, inline styles, and eval() -->
<meta http-equiv="Content-Security-Policy" content="default-src * data: gap: https://ssl.gstatic.com; script-src * 'unsafe-eval' 'unsafe-inline'; style-src * 'unsafe-inline'; img-src * 'unsafe-inline'; connect-src *;" />
Notice in particular the connect-src *. My understanding is this would allow any ajax request to work.
In practice, once the app is running on my Samsung test device the AJAX requests are timing out. They aren't outright failing, but they are not returning a good response. Did I do something wrong here? What am I missing?
Using: - jQuery + jQuery Mobile - Phonegap Build to compile the binaries
