VMware Browser for iOS 6.1, 6.2
VMware Browser for iOS will not open links if Content-Security-Policy is enabled on a web server.
VMware Browser for iOS appends some custom headers which might not be compatible with certain Content-Security-Policy configured on the server. It will fail and not launch a link when selected.
The following workarounds are available:
- Disable Content-Security-Policy on the server.
- Add “awbnewtab” as additional frame-src in Content-Security-Policy.
When using the mobile version of Salesforce (lightning version) and trying to launch an attachment which opens a new tab, the browser does not perform any actions and the attachment does not open. The following error is displayed:
[Error] Refused to load frame 'awbnewtab.:/servlet/servlet.FileDownload%3Ffile%3D00P4E000001c4cJUAQ%26operationContext%3DS1' because it violates the following Content Security Policy directive: "frame-src https: mailto: *.cs83.visual.force.com”.
Content Security Policy directive: "frame-src https: mailto:” is only expecting “https:” and “mailto” schemes. But to open a new tab in browser, VMware Browser adds “awbnewtab” to the beginning of URL, which is being blocked by the above policy.
This has been resolved in VMware Browser for iOS 6.2.1.