Mon, 28 Nov 2022 08:21:49 GMT
Join the conversation at slack.cordova.io
Sun, 27 Nov 2022 14:41:08 GMT
@norman137 says
You‘re pretty much correct in everything. Apple doesn’t allow any well known schemes to be part of their scheme loader mechanism, so
http
,https
,ssh
,ftp
, etc... all cannot be used for your app scheme. They don‘t define what is considered well known but it’s pretty much any standardised protocol.Cookies topic by itself is a difficult subject, especially for iOS.... for much more reasons other than CORs issues.
I haven‘t worked with AWS API Gateway but if you can dynamically set response headers, you can simulate the any wildcard but still get the effects of an explicit domain being set by reading the request’s
Origin
header and setting it to the value of yourAccess-Control-Allow-Origin
response header.I do this via nginx by having a
add_header 'Access-Control-Allow-Origin' $http_origin always;
line in my location directives, but not sure how it can be done in your tech stack.