Combining Apache Thrift with Apache Cordova

Question

I was wondering if anybody had any success with making a app with Cordova and then send an RPC call using Thrift. I was trying to send a string to a C++ server from my phone on a different network but it wouldn't because of CORS. Anyway around this?

Answer 1

Cordova and Phonegap does NOT use or enforce CORS. The security is handle a different way -- with white-lists.

Here is what you need to know.

From Top Mistakes by Developers new to Cordova/Phonegap you have hit:

• #10 Not adding the new "white-list" and "white-list plugin" parameters in config.xml.

For #10

This relatively * NEW * requirement means – to access ANY website or resources on the web, you MUST use the whitelist and the whitelist plugin. This requirement goes into affect if you are using cordova-android@4.0.0 or better; including cli-5.1.1. If however, your version is before 4.0.0, let use say 3.5.0 or 3.7.0, then you will not have to add the white-list requirement.

To be clear, the "whitelist" has been around for a bit, but the plugin and requirement is very new. As you would expect, when the "whitelist" was added, the defacto open-access feature was deprecated. Or said another way, the defacto open-access feature was planned and scheduled to be eliminated. This change marks a step in removal of the open-access feature.

In addition, the Content Security Policy (CSP) has caught numerous developers - because it was soooo poorly publicized. This CSP needs to go in every single HTML page you used, just like you have to wait for 'deviceready'. The documentation is buried in the bottom of many of the latest documentation pages.

Related Links

Phonegap Build Forum: Notes for upgrading to cli-5.1.1 on PGB and now required Whitelist

• Cordova Whitelist Guide
• Phonegap Whitelist Guide
• Phonegap Build Whitelist Guide