Resolution: Not Our Bug
Affects Version/s: Release 8.0.2, Release 8.1.0
Fix Version/s: None
SDK 8.0.2, 8.1.0
Sprint:2019 Sprint 22, 2019 Sprint 23, 2019 Sprint 24
As of SDK 8, any XMLHttpRequest performed inside a WebView from a file has a header of origin: null. This is a behavior that was not present in SDK 7 and only affects IOS. (It seems to be due to the change to WKWebview.)
Due to the fact this header is now
A) Being set for seemingly all requests, even GET
B) is always null
This is breaking our authentication process and we cannot continue developing our application until it is fixed.
There does not appear to be any way to currently set this via titanium, there is also nothing in the documentation. We cannot set Access-Control-Allow-Origin * / null as this would pose a security risk server-side.
We need to be able to switch back to using UIWebview in the new SDK, the origin header dropped, or, the origin header has a correct value (https://localhost/.....).
1. Create a new alloy projet.
2. Add attached file.
3. Run the app to iOS device
4. Monitor network traffic so you can see the request headers (as per screenshot attached).