I am trying to send an ArrayBuffer to
https://1511921174.cloud.vimeo.com/upload?ticket_id=xxxxxxxxxx&video_file_id=xxxxxx&signature=xxxxxxxx=1%22
In iOS 10 nothing is happening. There must me a whitelisting error. I am whitelisting *.vimeo.com and *.cloud.vimeo.com per the cordova-plugin-whitelist docs. Everything works fine in iOS 9 and on Android.
<access origin="http://*.vimeo.com" subdomains="true" />
<access origin="https://*.vimeo.com" subdomains="true" />
<access origin="http://*.cloud.vimeo.com" subdomains="true" />
<access origin="https://*.cloud.vimeo.com" subdomains="true" />
Any ideas what could be happening?
Thanks!
It looks like this isn't a whitelist but an App Transport Security issue.
I got the videos to upload to Vimeo using iOS 10. It looks like there may be a problem with Vimeo's SSL certificate. They may use an old TLS version. When I turned off the App Transport Security in the plist it just worked:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
So without turning everything off I ended up adding the code below in the plist for vimeo.com only:
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>vimeo.com</key>
<dict>
<key>NSExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSThirdPartyExceptionAllowsInsecureHTTPLoads</key>
<true/>
<key>NSExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSThirdPartyExceptionRequiresForwardSecrecy</key>
<false/>
<key>NSIncludesSubdomains</key>
<true/>
<key>NSExceptionMinimumTLSVersion</key>
<string>TLSv1.0</string>
<key>NSRequiresCertificateTransparency</key>
<false/>
</dict>
</dict>
</dict>
I hope that helps anyone out there.
I had to make tweaks to the Content-Security-Policy meta tag for iOS 10 (see here) so it's possible that you also need to add/update that, e.g.
<meta http-equiv="Content-Security-Policy" content="default-src 'self' gap: file: https://*.cloud.vimeo.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:; media-src *">
Before I was adding Info.Plist entries with the edit-config tag in config.xml.
But for an obscure reason it wasn't working when I was overriding the NsAppTransportSecurity entry.
After some research, I that the cordova-plugin-whitelist is also translating the "access" and "allow-navigation" tags in the config.xml to a NsAppTransportSecurity entry in the Info.Plist file since october 2015 (source).
So the plugin was blocking my edit-config tag in my config.xml from overwriting this entry.
According to this doc from Cordova, you can set the transport security options in the "access" and "allow-navigation" tags in config.xml.
I did this and now it works great.
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 女痞 的文章《Cordova whitelist iOS 10 SSL error: Failed to load》','https://www.manongdao.com/article-517504.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}