IBRW-170399: VMware Browser for iOS will not open links if Content-Security-Policy is enabled - Resolved in iOS Browser 6.2.1

Version Identified

VMware Browser for iOS 6.1, 6.2

 

Identifier

IBRW-170399

 

Symptoms

VMware Browser for iOS will not open links if Content-Security-Policy is enabled on a web server.

 

Workaround

VMware Browser for iOS appends some custom headers which might not be compatible with certain Content-Security-Policy configured on the server. It will fail and not launch a link when selected.

The following workarounds are available:

  • Disable Content-Security-Policy on the server.
  • Add “awbnewtab” as additional frame-src in Content-Security-Policy.

Example:

When using the mobile version of Salesforce (lightning version) and trying to launch an attachment which opens a new tab, the browser does not perform any actions and the attachment does not open. The following error is displayed:

[Error] Refused to load frame 'awbnewtab.:/servlet/servlet.FileDownload%3Ffile%3D00P4E000001c4cJUAQ%26operationContext%3DS1' because it violates the following Content Security Policy directive: "frame-src https: mailto: *.cs83.visual.force.com”.

Content Security Policy directive: "frame-src https: mailto:” is only expecting “https:” and “mailto” schemes. But to open a new tab in browser, VMware Browser adds “awbnewtab” to the beginning of URL, which is being blocked by the above policy.

  

Fix Versions

VMware Browser for iOS 6.2.1

Have more questions? Submit a request

0 Comments

Article is closed for comments.