-1
我试图连接到SharePoint 2013服务器得到一些列表等 我有这样的HTML代码,我让我的用户名/密码/ SharePoint的网址:的XMLHTTP“打开”的错误与新版本科尔多瓦
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta charset="utf-8" />
<meta http-equiv="Content-Security-Policy" content="default-src 'self' 'unsafe-inline' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *" />
<title>SP Manager</title>
<!-- Some Stylesheets -->
<!-- Cordova-Scripts -->
<script src="cordova.js"></script>
<script src="scripts/platformOverrides.js"></script>
<!-- Onsen-UI Scripts -->
<script src="lib/angular/angular.js"></script>
<script src="lib/onsenui/js/onsenui.js"></script>
<!-- Zing Chart -->
<script src="lib/zingchart_trial/zingchart.min.js"></script>
<script src="scripts/ChartJS/control.js"></script>
<script src="scripts/ChartJS/chart.js"></script>
<!-- Standard Scripts -->
<script src="lib/jquery/dist/jquery.js"></script>
<script src="scripts/Page JS/index.js"></script>
<script src="../scripts/SharepointJS/sharepoint.js"></script>
<script src="scripts/TimeJS/scripte.js"></script>
<script>
ons.bootstrap(); //Call für OnsenUI-Init
</script>
</head>
<body>
<ons-navigator id="navigator" title="Navigator" var="loginNavigator">
<ons-page var="pagecontent" >
<div style="width:100%;" id="logoLogin">
<img src="Images/logo.png" style="height: 100%;"/>
</div>
<div class="login-form">
<input id="sharepoint" type="text" class="text-input--underbar" placeholder="Sharepoint" style="" onclick="changeSharepointURL(true)" readonly="readonly">
<input id="username" type="text" class="text-input--underbar" placeholder="Benutzername" value="agile\shau" style="" onclick="clearInput('#username')">
<input id="password" type="password" class="text-input--underbar" placeholder="Passwort" value="[email protected]" style="" onclick="clearInput('#password')">
<br>
<ons-button id="LoginButton" onclick="sharepointLogin()" class="login-button">Einloggen</ons-button>
<br /><br />
<ons-button class="forgot-password" onclick="SP.loginOffline()">Offline Anmelden</ons-button>
<ons-button onclick="resetURL()">Reset URL</ons-button>
</div>
<div id="errorMessageLogin" style="color:red; text-align:center;">
</div>
</ons-page>
</ons-navigator>
</body>
</html>
这是用来连接到我的SharePoint脚本IM:
var urlSP = window.localStorage.getItem('sharepoint') + "something else";
var xmlHttp = new XMLHttpRequest();
xmlHttp.onreadystatechange = function() {
if (xmlHttp.readyState == 4) {
if (xmlHttp.status == 200) {
that.usernameID = JSON.parse(xmlHttp.responseText).d.Id; //Get and save the Username-ID from Sharepoint
window.localStorage.setItem("lastUser", that.usernameID); //Save this ID ín local Storage
window.localStorage.setItem("username", username); //Save the username in local Storage
that.password = password;
callback(xmlHttp.responseText);
} else {
$("#errorMessageLogin").html("Wrong Username/Password/URL.");
}
}
}
xmlHttp.open("GET", urlSP, false);
that.credentials = "Basic " + window.btoa(username + ":" + password); //Save credentials
window.localStorage.setItem("credentials", that.credentials); //Save in local storage too
xmlHttp.setRequestHeader("Authorization", that.credentials);
xmlHttp.setRequestHeader("Accept", "application/json;odata=verbose");
xmlHttp.send(null);
此代码工作正常与科尔多瓦的旧版本(我的队友们正在使用第3版,我认为)。
现在,如果我尝试使用内置的从VS2015和第4版Android模拟器科尔多瓦即时得到这个错误的启动应用程序:
Refused to connect to 'my SP adress' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.
sharepoint.js (111,17)
Uncaught SecurityError: Failed to execute 'open' on 'XMLHttpRequest': Refused to connect to 'my SP adress' because it violates the document's Content Security Policy.
sharepoint.js (111,17)
我已阅读,我需要的白名单插件从科尔多瓦在为了执行请求。我已经将它添加到项目(使用VS)以及此代码在config.xml中
<?xml version="1.0" encoding="utf-8"?>
<widget xmlns:cdv="http://cordova.apache.org/ns/1.0" xmlns:vs="http://schemas.microsoft.com/appx/2014/htmlapps" id="io.cordova.myappd6b043" version="1.0.0" xmlns="http://www.w3.org/ns/widgets" defaultlocale="de-DE">
<name>SP Manager</name>
<description>A blank project that uses Apache Cordova to help you build an app that targets multiple mobile platforms: Android, iOS, Windows, and Windows Phone.</description>
<author href="http://cordova.io" email="[email protected]">Apache Cordova Team </author>
<content src="index.html" />
<access origin="*" />
<!-- #################ADDED THIS LINE############## -->
<allow-intent href="https://my SP adress/*" />
<vs:features />
<preference name="SplashScreen" value="screen" />
<preference name="windows-target-version" value="8.1" />
<!-- Support for Cordova 5.0.0 plugin system -->
<plugin name="cordova-plugin-whitelist" version="1" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="tel:*" />
<allow-intent href="sms:*" />
<allow-intent href="mailto:*" />
<allow-intent href="geo:*" />
<platform name="android">
<allow-intent href="market:*" />
</platform>
<platform name="ios">
<allow-intent href="itms:*" />
<allow-intent href="itms-apps:*" />
</platform>
<!-- some icon sources -->
<vs:plugin name="cordova-plugin-whitelist" version="1.2.0" />
</widget>
但它仍然不起作用。
编辑:我的队友更新了他在VS2015科尔多瓦和工作没有任何问题......我很困惑... 即使重新安装没有工作......
您是否试图完全评论您的Content-Security-Policy元标记?只是为了看看它是否是问题的根源。 – Phonolog
是的,但后来我得到了与来自Filipe Pinto(Access-Control-Allow-Origin)的其他元标记相同的错误。 – MindFreak