Uploaded image for project: 'Tools (JBoss Tools)'
  1. Tools (JBoss Tools)
  2. JBIDE-20757

Livereload does not work with CordovaSim on default THYM project

    XMLWordPrintable

Details

    • Hide

      Need to remove the following meta tag

              <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">
      Show
      Need to remove the following meta tag <meta http-equiv= "Content-Security-Policy" content= " default -src 'self' data: gap: https: //ssl.gstatic.com 'unsafe-eval' ; style-src 'self' 'unsafe-inline' ; media-src *" >

    Description

      Steps to reproduce:
      1) create default THYM project
      2) enable Livereload server
      3) run THYM project on CordovaSim
      4) edit index.html and save changes
      ERROR: refresh is not happening on Cordovasim

      In order to make it work one nee to remove the following meta tag from index.html:

              <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *">

      Livereload doesn't work with new THYM projects due to new cordova-white-list plugin security policy - https://github.com/apache/cordova-plugin-whitelist/blob/master/README.md#content-security-policy . The following error prevent script loading

      Refused to load the script 'http://localhost:35729/livereload.js' because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'script-src' was not explicitly set, so 'default-src' is used as a fallback.

      BTW, We are not the only one affected by this changes - http://forum.ionicframework.com/t/solution-for-livereload-problems-with-new-csp-rules/25449

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JBIDE-20771 Livereload not working with projects hosted on local Server with Content Security Policy (CSP) enabled

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Open

          Activity

            People

              kmarmaliykov Konstantin Marmalyukov (Inactive)
              ibuziuk@redhat.com Ilya Buziuk
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: