This would be a great time to read and apply the inAppBrowser plugin's docs:
1. You will notice that you need to call 'cordova.InAppBrowser.open()' instead of 'window.open()'
2. You will notice that the second parameter needs to be _self, _system or _blank....not 'WebVoew'
3. You need to make sure to wait for the deviceready event before attempting to call the plugin's method.
I know but it is not the answer.
I already in web-view no matter how I open it.
So from web-view, so from my web-site - I need to open Safari not load the URL inside current web-view.
cordova.InAppBrowser.open() but later got idea that cordova is not connected on web-site, that is why it does not work.
window.open(url, '_system') also opens in same web-view.
Please, notice - I have no issue opening my web-site inside App. I need to open URL to Safari from already working web-view.
I know I can open web-site in safari from App. But not from web-view.
Ah. This is a misunderstanding of the term 'webview'.
Usually, the Webview is the OS component which allows you to display html documents, regardless of their source.
You apparently meant to say that you are displaying an external web document in your Webview component (not in the inappbrowser window or in the device mobile browser), and you want a click on a link within that html document to open the system browser (must it be Safari? What if the user has a different browser installed, or perhaps not Safari at all?).
Well, since you're still in the webview component, you could try and make sure that the url of the second document (which you want to open in the systen browser) is not whitelisted for 'allow-navigation'. In such case, the document should not be displayed in the Webview If it's whitelisted for 'allow-intent', it might get displayed in the system browser instead .
Thank you for your reply.
Sorry for misunderstanding.
I was trying access origin and also whitelist plugin. Link just not opens at all no matter _blank, _system or any other ways. I also was hope that it will work but spent many time trying.
No matter Safari or not - just device browser not app.
I also saw that some Apps open InAppBrowser for external URLs. That way also will work. But once I am trying open _blank for example - even with "location=yes" - it does not help. So if I can get at least to open external link inside App in the InAppBrowser that will work too, but I cannot access that because of "cordova" is App library, not site library.
I was trying AddEventListeners also so like trigger event inside App from Website but it is not help. I have console.log to view actions but no logs. Like it is just not accessed.
I was reading that window.opener is not for inApp browser/webview. So if it was possible - it can be easy way but unfortunately not. I looked though many pages from google by keyword "phonegap window opener" but did not found an answer how to replace that.
What is strange that when I send Push notification to App, it handles it even if Webview is open. So not sure why window.opener not supported there.
So say I send Push and App do the job for App - say open separate page on Push custom ID.
But I cannot pass URL to App even through AddEventListener.
I decided just to restrict external domains.
But I found issue with Android.
I cannot restrict with access origin or allow-navigation. It still opens the other domains in same inAppBrowser.
I set config.xml
<plugin name="cordova-plugin-whitelist" spec="https://github.com/apache/cordova-plugin-whitelist.git" />
<allow-navigation href="http://domain.net/*" />
<access origin="http://domain.net" browserOnly="true" />
But webview still can open other domains on Android.
1. You don't need to specify that spec attribute for the inappbrowser plugin. Just use the one from npm
2. You wrote: "I cannot restrict with access origin or allow-navigation. It still opens the other domains in same inAppBrowser."
This makes it even more confusing. What is "the same inAppBrowser"? Are you now opening the external website in an inappbrowser window, instead of the webview component or the mobile browser? If so, the problem becomes very different in nature.
I think window.open is connected with inAppBrowser.
I use window.open.
Sorry if I am wrong.
It works in iOS when I restrict with access origin but not in Android.
So I need to restrict Android with that to load only my site. On iOS when I click external links - nothing happens. On Android - it just loads the external URL and replace web-site.
With the inApBrowser plugin, you should use cordova.InAppBrowser.open.
Then there are three possible scenario's:
- use _self and it opens in the webview if the external domain is whitelisted for allow-navigation
- use _blank to open in the inApBrowser window
- use _system to open in system browser
Now, if you are indeed using the inappbrowser plugin (and I'm not convinced that you are) and the website opens in the webview, my suggestion was to deny the second domain for allow-navigation, but allow it for allow-intent (not access origin).
If this gets us both confused, it would help if yur zip file was available online somewhere, as well as your website of the second domain, so I could have a look directly. Otherwise, this will get more confusing and I'd be guessing only.
I have looked and still not sure what you mean with the solution.
I am ok with current way for window.open - it has no menu bars or similar. I just see mobile web-site as App.
So here I am good with it. App displaying web-site and I am very happy with that.
But I cannot restrict user to go out of my web-site. It just replace my web-site in App and App must be closed to open my web-site again.
It works well for iOS the restricting to only my domain with access origin. I don't set "*" anywhere. I checked platforms/android.../config.xml and it is correctly generated with phonegap build android.
If it works with iOS I wonder why Android ignore my access origin rules.
Is there any trick to restrict Android open other domains than mine?
On web-site I use just direct like [href="http://google"] links. I am not using window.open in web-site. Anyway it should restrict visiting not defined URLs always. No matter how they are opened.
I am ok with current way for window.open
Fine, so you are NOT using the inappbrowser plugin, although you stated so in your original question.
I just see mobile web-site as App
Your app may be rejected when you're trying to publish it, when your app is nothing but a website wrapper. See for instance Common App Rejections - App Store - Apple Developer
Just curious: why don't you let your visitors simply visit your website in the system browser? That has many advantages:
- a browser is better equipped with features like bookmarking and search functionality
- you don't have to publish and maintain a separate app
- your users won't have to install and run a separate app (what would happen if every site owner would wrap his website as an app?)
- you would not have the problems you're having now
- your published documents would not have to be approved by apple and google.
I have web-site already. I need App as well mainly because of Push notifications. It is good and fast the Phonegap - it opens site fast and well. So always to be at hand the web-site inside App is good way to grow my business.
To say true it's not big social network - so Push notifications are the key to communicate users together.
I wonder if it works well on iOS and restrict domains - why it does not restrict on Android. I believe there can be some Cordova bug. Or I need to add some param to allow this kind of security.
Do you have any ideas?
It seems to me that you need to rearchitect your app so that you aren't loading a remote web app in your web view. This WILL result in rejection by Apple, and has a multitude of problems on any other platform (especially when dealing with network connectivity).
Depending on how you wrote your web app you may be able to take the UI portion and reuse it locally in your app. If you can't, you should rewrite your UI so that it can run locally. Then use AJAX(XHR) communication with your backend to populate your UI.
At that point, you can determine what to do with any links that may go outside of your app -- ideally, you'd rewrite them so that they would open the in-app browser or the system browser. You should never load an external resource you don't control in the PhoneGap web view, since this grants them access to whatever plugins you've got installed in your app.
I know this is probably not what you want to hear, but PhoneGap is not intended to be used as a web browser. Keep your UI local, use AJAX to communicate with your backend, and things will go much better (and your users will thank you too). Plus you'll have a better chance at avoiding Apple's rejections.