1

We're building a HTTPS single page application for internal use. It contains HTTP external links. If embedded in apk/webview, there's no problem. If we try on windows workstation, in a browser, we have "mixed content errors". We don't want to add --allow-running-insecure-content to Chrome shortcut.

So my question is , is there a "--allow-running-insecure-content" behavior in Chrome App or Chrome Extension or another way to use our web application?

Thx!

Chine
  • 21
  • 3
  • Have you check this? http://stackoverflow.com/questions/14058789/how-to-force-loading-dynamic-insecure-content-in-chrome or http://stackoverflow.com/questions/18321032/how-to-get-chrome-to-allow-mixed-content – Android Enthusiast Apr 03 '16 at 13:32

1 Answers1

-1

Since you cannot modify the Content Security Policy for your chrome packaged app (you may for extensions), you need to use one of several approved methods.

The External Content page has the approved methods and caveats for loading various content including embedding web pages. A basic webview syntax is:

<webview src="http://news.google.com/" width="640" height="480"></webview>

You will also need "permissions": "webview" added to your manifest.json.

Alex Griffis
  • 708
  • 4
  • 9
  • well, I've already tried webview src="https://myapp.com" in a Chrome app. links or XMLHttpRequest to Http didn't work (mixed content error). – Chine Apr 03 '16 at 10:00