Uploaded image for project: 'Titanium SDK/CLI'
  1. Titanium SDK/CLI
  2. TIMOB-27382

iOS: CORS Issue, origin of header is always null since SDK 8


    • Type: Bug
    • Status: Closed
    • Priority: None
    • Resolution: Not Our Bug
    • Affects Version/s: Release 8.0.2, Release 8.1.0
    • Fix Version/s: None
    • Component/s: iOS
    • Labels:
    • Environment:

      SDK 8.0.2, 8.1.0
      iOS 12.x

    • Story Points:
    • Sprint:
      2019 Sprint 22, 2019 Sprint 23, 2019 Sprint 24, 2019 Sprint 25


      Problem Description:

      As of SDK 8, any XMLHttpRequest performed inside a WebView from a file has a header of origin: null. This is a behavior that was not present in SDK 7 and only affects IOS. (It seems to be due to the change to WKWebview.)

      We use the WebView in an authentication workflow where we have an intermediate HTML file with the necessary javascript to perform the redirections/progress the sign in. This is an HTML page in resources/www.

      Due to the fact this header is now
      A) Being set for seemingly all requests, even GET
      B) is always null
      This is breaking our authentication process and we cannot continue developing our application until it is fixed.

      There does not appear to be any way to currently set this via titanium, there is also nothing in the documentation. We cannot set Access-Control-Allow-Origin * / null as this would pose a security risk server-side.

      We need to be able to switch back to using UIWebview in the new SDK, the origin header dropped, or, the origin header has a correct value (https://localhost/.....).


      1. Create a new alloy projet.
      2. Add attached file.
      3. Run the app to iOS device
      4. Monitor network traffic so you can see the request headers (as per screenshot attached).


        1. index.tss
          0.2 kB
        2. index.xml
          0.1 kB
        3. localfile.html
          0.7 kB
        4. Screenshot_2019-09-06_at_10.08.41.png
          258 kB

          Issue Links



              • Assignee:
                sliang Shuo Liang
              • Watchers:
                4 Start watching this issue


                • Created:

                  Backbone Issue Sync

                  • Backbone Issue Sync is enabled for your project, but we do not have any synchronization info for this issue.

                    Git Integration