我試圖連接到SharePoint 2013服務器得到一些列表等 我有這樣的HTML代碼,我讓我的用戶名/密碼/ SharePoint的網址:的XMLHTTP「打開」的錯誤與新版本科爾多瓦
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta charset="utf-8" />
<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *" />
<title>SP Manager</title>
<!-- Some Stylesheets -->
<!-- Cordova-Scripts -->
<script src="cordova.js"></script>
<script src="scripts/platformOverrides.js"></script>
<!-- Onsen-UI Scripts -->
<script src="lib/angular/angular.js"></script>
<script src="lib/onsenui/js/onsenui.js"></script>
<!-- Zing Chart -->
<script src="lib/zingchart_trial/zingchart.min.js"></script>
<script src="scripts/ChartJS/control.js"></script>
<script src="scripts/ChartJS/chart.js"></script>
<!-- Standard Scripts -->
<script src="lib/jquery/dist/jquery.js"></script>
<script src="scripts/Page JS/index.js"></script>
<script src="../scripts/SharepointJS/sharepoint.js"></script>
<script src="scripts/TimeJS/scripte.js"></script>
<script>
ons.bootstrap(); //Call für OnsenUI-Init
</script>
</head>
<body>
<ons-navigator id="navigator" title="Navigator" var="loginNavigator">
<ons-page var="pagecontent" >
<div style="width:100%;" id="logoLogin">
<img src="Images/logo.png" style="height: 100%;"/>
</div>
<div class="login-form">
<input id="sharepoint" type="text" class="text-input--underbar" placeholder="Sharepoint" style="" onclick="changeSharepointURL(true)" readonly="readonly">
<input id="username" type="text" class="text-input--underbar" placeholder="Benutzername" value="agile\shau" style="" onclick="clearInput('#username')">
<input id="password" type="password" class="text-input--underbar" placeholder="Passwort" value="[email protected]" style="" onclick="clearInput('#password')">
<br>
<ons-button id="LoginButton" onclick="sharepointLogin()" class="login-button">Einloggen</ons-button>
<br /><br />
<ons-button class="forgot-password" onclick="SP.loginOffline()">Offline Anmelden</ons-button>
<ons-button onclick="resetURL()">Reset URL</ons-button>
</div>
<div id="errorMessageLogin" style="color:red; text-align:center;">
</div>
</ons-page>
</ons-navigator>
</body>
</html>
這是用來連接到我的SharePoint腳本IM:
var urlSP = window.localStorage.getItem('sharepoint') + "something else";
var xmlHttp = new XMLHttpRequest();
xmlHttp.onreadystatechange = function() {
if (xmlHttp.readyState == 4) {
if (xmlHttp.status == 200) {
that.usernameID = JSON.parse(xmlHttp.responseText).d.Id; //Get and save the Username-ID from Sharepoint
window.localStorage.setItem("lastUser", that.usernameID); //Save this ID ín local Storage
window.localStorage.setItem("username", username); //Save the username in local Storage
that.password = password;
callback(xmlHttp.responseText);
} else {
$("#errorMessageLogin").html("Wrong Username/Password/URL.");
}
}
}
xmlHttp.open("GET", urlSP, false);
that.credentials = "Basic " + window.btoa(username + ":" + password); //Save credentials
window.localStorage.setItem("credentials", that.credentials); //Save in local storage too
xmlHttp.setRequestHeader("Authorization", that.credentials);
xmlHttp.setRequestHeader("Accept", "application/json;odata=verbose");
xmlHttp.send(null);
此代碼工作正常與科爾多瓦的舊版本(我的隊友們正在使用第3版,我認爲)。
現在,如果我嘗試使用內置的從VS2015和第4版Android模擬器科爾多瓦即時得到這個錯誤的啓動應用程序:
Refused to connect to 'my SP adress' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
sharepoint.js (111,17)
Uncaught SecurityError: Failed to execute 'open' on 'XMLHttpRequest': Refused to connect to 'my SP adress' because it violates the document's Content Security Policy.
sharepoint.js (111,17)
我已閱讀,我需要的白名單插件從科爾多瓦在爲了執行請求。我已經將它添加到項目(使用VS)以及此代碼在config.xml中
<?xml version="1.0" encoding="utf-8"?>
<widget xmlns:cdv="http://cordova.apache.org/ns/1.0" xmlns:vs="http://schemas.microsoft.com/appx/2014/htmlapps" id="io.cordova.myappd6b043" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" defaultlocale="de-DE">
<name>SP Manager</name>
<description>A blank project that uses Apache Cordova to help you build an app that targets multiple mobile platforms: Android, iOS, Windows, and Windows Phone.</description>
<author href="http://cordova.io" email="[email protected]">Apache Cordova Team </author>
<content src="index.html" />
<access origin="*" />
<!-- #################ADDED THIS LINE############## -->
<allow-intent href="https://my SP adress/*" />
<vs:features />
<preference name="SplashScreen" value="screen" />
<preference name="windows-target-version" value="8.1" />
<!-- Support for Cordova 5.0.0 plugin system -->
<plugin name="cordova-plugin-whitelist" version="1" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
<!-- some icon sources -->
<vs:plugin name="cordova-plugin-whitelist" version="1.2.0" />
</widget>
但它仍然不起作用。
編輯:我的隊友更新了他在VS2015科爾多瓦和工作沒有任何問題......我很困惑... 即使重新安裝沒有工作......
您是否試圖完全評論您的Content-Security-Policy元標記?只是爲了看看它是否是問題的根源。 – Phonolog
是的,但後來我得到了與來自Filipe Pinto(Access-Control-Allow-Origin)的其他元標記相同的錯誤。 – MindFreak