VMware Browser for iOS 6.1, 6.2
VMware Browser for iOS will not open links if Content-Security-Policy is enabled on a web server.
VMware Browser for iOS appends some custom headers which might not be compatible with certain Content-Security-Policy configured on the server. It will fail and not launch a link when selected.
The following workarounds are available:
- Disable Content-Security-Policy on the server.
- Add “awbnewtab” as additional frame-src in Content-Security-Policy.
When using the mobile version of Salesforce (lightning version) and trying to launch an attachment which opens a new tab, the browser does not perform any actions and the attachment does not open. The following error is displayed:
[Error] Refused to load frame 'awbnewtab.:/servlet/servlet.FileDownload%3Ffile%3D00P4E000001c4cJUAQ%26operationContext%3DS1' because it violates the following Content Security Policy directive: "frame-src https: mailto: *.cs83.visual.force.com”.
Content Security Policy directive: "frame-src https: mailto:” is only expecting “https:” and “mailto” schemes. But to open a new tab in browser, VMware Browser adds “awbnewtab” to the beginning of URL, which is being blocked by the above policy.
VMware Browser for iOS 6.2.1