🚀 DAY 4 OF LAUNCH WEEK: Introducing GitHub Actions Scanning Support.Learn more →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@brodybits/cordova-plugin-ios-xhr

Package Overview
Dependencies
Maintainers
1
Versions
1
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@brodybits/cordova-plugin-ios-xhr

Cordova iOS 6+ File XHR Plugin

latest
Source
npmnpm
Version
0.0.1-rc01
Version published
Weekly downloads
2
100%
Maintainers
1
Weekly downloads
 
Created
Source

cordova-plugin-ios-xhr

cordova-ios 6+ File XHR Plugin

Preface

Dec 2020: This plugin was forked from https://github.com/globules-io/cordova-plugin-ios-xhr

Purpose: Add capabilities to adjust timeout for jQuery triggered XHR requests.

Sep 2021: Added cookie sync capability from cordova-plugin-webview-proxy Merged from upstream repository.

About

Originally, this plugin was a merge of two other plugins, and made compatible for cordova-ios 6+.

cordova-plugin-wkwebview-file-xhr

cordova-plugin-wkwebviewxhrfix

It's been since remodified and the code from TheMattRay has now been entirely removed. It is kept here as original reference. This could be turned into a PR to cordova-plugin-wkwebview-file-xhr, if time allows it, or if anybody wants to go at it! All credits go to Oracle.

Install

Install latest release

 cordova plugin add @brodybits/cordova-plugin-ios-xhr

Or install from github master

 cordova plugin add https://github.com/brodybits/cordova-plugin-ios-xhr

Uninstall

 cordova plugin rm @brodybits/cordova-plugin-ios-xhr

Preferences

 <preference name="NativeXHRLogging" value="full|none" />
 <preference name="AllowUntrustedCerts"  value="true|false" />
 <preference name="InterceptRemoteRequests" value="all|secureOnly" />
 <preference name="CustomUserAgent" value="my_custom_user_agent" />
 <preference name="allowFileAccessFromFileURLs" value="true|false" />
 <preference name="allowUniversalAccessFromFileURLs" value="true|false" />

Description

The default behavior of WKWebView is to raise a cross origin exception when loading files from the main bundle using the file protocol - "file://". This plugin works around this shortcoming by loading files via native code if the web view's current location has "file" protocol and the target URL passed to the open method of the XMLHttpRequest is relative. As a security measure, the plugin verifies that the standardized path of the target URL is within the "www" folder of the application's main bundle or in the /Library path of the application data directory.

Since the application's starting page is loaded from the device's file system, all XHR requests to remote endpoints are considered cross origin. For such requests, WKWebView specifies "null" as the value of the Origin header, which will be rejected by endpoints that are configured to disallow requests from the null origin. This plugin works around that issue by handling all remote requests at the native layer where the origin header will be excluded

Fixes local file access via XHR with WKWebView

Override timeout for native XHR, using timeout from jQuery ($.ajaxSettings.timeout)

Keywords

cordova
wkwebview
ecosystem:cordova
cordova-ios

FAQs

Package last updated on 17 Jan 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Introducing GitHub Actions Scanning Support

Product

Introducing GitHub Actions Scanning Support

Detect malware, unsafe data flows, and license issues in GitHub Actions with Socket’s new workflow scanning support.

By Rakesh Chatrath, Greg Tystahl  -  Oct 23, 2025