如何让托管的 nodejs 网站到 cordova 上的 运行?
How to get hosted nodejs website to run on cordova?
我有一个使用 NodeJS 管理数据库的网站(HTML5 游戏),我也在尝试使用 Cordova 移植它 android 和 IOS,但是我不知道如何让 Cordova 使用 URL 加载网站,我需要它加载到 URL 因为所有服务器端的东西。有人对如何执行此操作有任何建议吗?
我看了无数 articles/posts 但每次我通过点击 index.HTML 来测试它时 redirect/show 我的网站。
我尝试了几个插件,甚至只是使用简单的 javascript 来加载网站,但没有任何效果。
当我打开 index.html
时出现以下错误
Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”).
我的config.xml:
<?xml version='1.0' encoding='utf-8'?>
<widget id="io.cordova.hellocordova" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>HelloCordova</name>
<description>
A sample Apache Cordova application that responds to the deviceready event.
</description>
<author email="dev@cordova.apache.org" href="http://cordova.io">
Apache Cordova Team
</author>
<content src="index.html" />
<plugin name="cordova-plugin-whitelist" spec="1" />
<access origin="http://mysite.us*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
</widget>
<cordova>
<access origin="http://mysite.us*"/>
</cordova>
我的index.js
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var app = {
// Application Constructor
initialize: function() {
document.addEventListener('deviceready', this.onDeviceReady.bind(this), false);
},
// deviceready Event Handler
//
// Bind any cordova events here. Common events are:
// 'pause', 'resume', etc.
onDeviceReady: function() {
this.receivedEvent('deviceready');
window.location="http://mysite.us";
},
// Update DOM on a Received Event
receivedEvent: function(id) {
var parentElement = document.getElementById(id);
var listeningElement = parentElement.querySelector('.listening');
var receivedElement = parentElement.querySelector('.received');
listeningElement.setAttribute('style', 'display:none;');
receivedElement.setAttribute('style', 'display:block;');
console.log('Received Event: ' + id);
}
};
app.initialize();
这是我使用的代码:
<plugin name="cordova-plugin-whitelist" source="npm" />
<allow-navigation href="https://example.org/*" />
<allow-intent href="https://example.org/*" />
<access origin="https://example.org/*" />
它不需要在平台标签中,您显然需要将 url 替换为您自己的标签。
如果您需要 select 文件夹或域中的所有内容,您可以使用通配符:*(如上所示)
编辑:
请记住,您还需要将您的网络应用加载的所有资源都列入白名单,例如:
如果您通过 cdn 加载 jQuery,那么您需要将 url 或 cdn 的整个域名列入白名单。
还要记住,如果外部 urls 被列入黑名单,首先是为了防止 Xss 注入。如果您将太多 url 列入白名单,人们可能会从您已列入白名单的来源加载脚本,从而通过您的应用欺骗用户。
编辑 2:
您也可以简单地使用 iframe 而不是 window.location
<iframe src="https://example.com/nodejs-webapp/" style="border: 0; width: 100%; height: 100%">Your browser doesn't support iFrames.</iframe>
这在 head 标签中
<style>body{margin:0;}</style>
我有一个使用 NodeJS 管理数据库的网站(HTML5 游戏),我也在尝试使用 Cordova 移植它 android 和 IOS,但是我不知道如何让 Cordova 使用 URL 加载网站,我需要它加载到 URL 因为所有服务器端的东西。有人对如何执行此操作有任何建议吗?
我看了无数 articles/posts 但每次我通过点击 index.HTML 来测试它时 redirect/show 我的网站。
我尝试了几个插件,甚至只是使用简单的 javascript 来加载网站,但没有任何效果。
当我打开 index.html
时出现以下错误Content Security Policy: The page’s settings blocked the loading of a resource at inline (“default-src”).
我的config.xml:
<?xml version='1.0' encoding='utf-8'?>
<widget id="io.cordova.hellocordova" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>HelloCordova</name>
<description>
A sample Apache Cordova application that responds to the deviceready event.
</description>
<author email="dev@cordova.apache.org" href="http://cordova.io">
Apache Cordova Team
</author>
<content src="index.html" />
<plugin name="cordova-plugin-whitelist" spec="1" />
<access origin="http://mysite.us*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
</widget>
<cordova>
<access origin="http://mysite.us*"/>
</cordova>
我的index.js
/*
* Licensed to the Apache Software Foundation (ASF) under one
* or more contributor license agreements. See the NOTICE file
* distributed with this work for additional information
* regarding copyright ownership. The ASF licenses this file
* to you under the Apache License, Version 2.0 (the
* "License"); you may not use this file except in compliance
* with the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
var app = {
// Application Constructor
initialize: function() {
document.addEventListener('deviceready', this.onDeviceReady.bind(this), false);
},
// deviceready Event Handler
//
// Bind any cordova events here. Common events are:
// 'pause', 'resume', etc.
onDeviceReady: function() {
this.receivedEvent('deviceready');
window.location="http://mysite.us";
},
// Update DOM on a Received Event
receivedEvent: function(id) {
var parentElement = document.getElementById(id);
var listeningElement = parentElement.querySelector('.listening');
var receivedElement = parentElement.querySelector('.received');
listeningElement.setAttribute('style', 'display:none;');
receivedElement.setAttribute('style', 'display:block;');
console.log('Received Event: ' + id);
}
};
app.initialize();
这是我使用的代码:
<plugin name="cordova-plugin-whitelist" source="npm" />
<allow-navigation href="https://example.org/*" />
<allow-intent href="https://example.org/*" />
<access origin="https://example.org/*" />
它不需要在平台标签中,您显然需要将 url 替换为您自己的标签。
如果您需要 select 文件夹或域中的所有内容,您可以使用通配符:*(如上所示)
编辑:
请记住,您还需要将您的网络应用加载的所有资源都列入白名单,例如: 如果您通过 cdn 加载 jQuery,那么您需要将 url 或 cdn 的整个域名列入白名单。
还要记住,如果外部 urls 被列入黑名单,首先是为了防止 Xss 注入。如果您将太多 url 列入白名单,人们可能会从您已列入白名单的来源加载脚本,从而通过您的应用欺骗用户。
编辑 2:
您也可以简单地使用 iframe 而不是 window.location
<iframe src="https://example.com/nodejs-webapp/" style="border: 0; width: 100%; height: 100%">Your browser doesn't support iFrames.</iframe>
这在 head 标签中
<style>body{margin:0;}</style>