
Clobber XMLHttpRequest (securehttp issue, open)

ligaz commented on June 19, 2024
Clobber XMLHttpRequest

from securehttp.

Comments (5)

jprichardson commented on June 19, 2024

Nah, I'm not in favor of this. Not sure if XMLHttpRequest can be clobbered, but if it can, this is something that the consumer of the plugin should do. I'm in favor of APIs, plugins, that cause no surprises, and clobbering XMLHttpRequest out of the box could produce unintended side-effects.

from securehttp.

EddyVerbruggen commented on June 19, 2024

I like the idea of it being a drop-in replacement per Stefan's suggestion, but that would not be ideal for everybody. A strong argument against it is that the plugin doesn't support all HTTP methods.

Like I said, I like the general idea, so perhaps we can provide a JS adapter as part of the plugin distribution which users can drop into their project if they like.

from securehttp.

ligaz commented on June 19, 2024

> A strong argument against it is that the plugin doesn't support all HTTP methods.

Both native frameworks support setting the HTTP method so I guess this is doable.

I like the idea of having the clobbering configurable either via a config.xml preference or with JavaScript.

from securehttp.

rob3c commented on June 19, 2024

Hi, I see that support for PUT and DELETE was added in the last few months. Does this mean we can manually clobber XMLHttpRequest reliably now, or are there still issues with doing this?

from securehttp.

rob3c commented on June 19, 2024

Well, I forked the project and dug around a bit and figured I'd share some observations before I immediately forget everything. :-)

It turns out, it's not just about supporting more HTTP methods. There's also an overall lack of flexibility in terms of content types. Currently, the supported methods assume the content type is application/x-www-form-urlencoded when encoding the body regardless of what you set in the header.

There is a fork of the original cordovaHTTP project here that shows how to enable application/json in order to use JSON payloads. It's nice to see how to extend the project in a way to get JSON payloads working for POSTs, and I added JSON support for PUTs as well in a parallel manner in my secureHTTP fork.

However, that implementation requires adding a new postJson function on the cordovaHTTP JavaScript API that's implemented in a new CordovaHttpPostJson Java class. Unfortunately, in terms of more general XHR-like support, structuring things as separate classes per HTTP method per content type seems like it'll explode with permutations and be hard to support.

However, all of the separate HTTP method classes pretty much have the same code in them, so it may be simpler to reduce the duplication and consolidate behavior into a single class (maybe keeping the upload/download stuff separate) that accepts an HTTP verb parameter and dynamically encodes the body based on content-type. My Java is pretty rusty, but I may give it a shot if I have time. I wanted to mention it here though in case anyone interested in this who's more versed in Java wants to give it a go.

from securehttp.
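
An added sketch, not code from securehttp or from any commenter in this thread, of the consolidation described in the last comment: a single request path that takes the HTTP verb as a parameter and chooses the body encoding from the Content-Type header, and that rejects an unknown type instead of sending a form-encoded body under a different header. The names `buildRequest`, `mediaType`, `ENCODERS` and `SUPPORTED_METHODS` are hypothetical, as is the sample URL in the test data.

```javascript
// Added illustration; every name here is hypothetical, not the plugin's API.
const SUPPORTED_METHODS = new Set(['GET', 'POST', 'PUT', 'DELETE']);

// One encoder per media type: a new content type is one table entry
// rather than a new class per HTTP method.
const ENCODERS = new Map([
  ['application/x-www-form-urlencoded', (data) => new URLSearchParams(data).toString()],
  ['application/json', (data) => JSON.stringify(data)],
]);

// Header names are case-insensitive; parameters such as "; charset=utf-8"
// are dropped before the lookup.
function mediaType(headers) {
  for (const [name, value] of Object.entries(headers || {})) {
    if (name.toLowerCase() === 'content-type') {
      return String(value).split(';')[0].trim().toLowerCase();
    }
  }
  return null;
}

// Build one request description for any verb. The body encoding follows the
// Content-Type header instead of always being form-urlencoded.
function buildRequest(method, url, data, headers) {
  const verb = String(method).toUpperCase();
  if (!SUPPORTED_METHODS.has(verb)) {
    throw new Error('Unsupported HTTP method: ' + verb);
  }
  const out = { method: verb, url: url, headers: Object.assign({}, headers), body: null };
  if (data === undefined || data === null || verb === 'GET') {
    return out; // no body to encode
  }
  let type = mediaType(headers);
  if (type === null) {
    type = 'application/x-www-form-urlencoded'; // the default the comment describes
    out.headers['Content-Type'] = type;
  }
  const encode = ENCODERS.get(type);
  if (!encode) {
    // Fail instead of silently sending a body that contradicts its header.
    throw new Error('No encoder for content type: ' + type);
  }
  out.body = encode(data);
  return out;
}
```
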
