Invoke webservice from android app

Hello to everyone, maybe this is a well-known behaviour, but I cannoy find a solution for my applcation.

I have an applicatio deployed on an Android device, this application send and receive from a webservice JSON packets.
Until the application run in browser (ionic serve), everything works fine, but when I run the app on the device (ionic run android) nothing seems to work. Only if I run the command “ionic run android -l -c” I’m able to test the app on the device.

I see with Wireshark that the origin of POST is set to http:// when i run from browser or with the command “ionic run android -l .c”, but when I run from the device, the origin is set to “file://” and the answer from the server is always “403 Forbidden”.

Is there some relation?

Have you some solution which let me access my webservice from the device.

Another strange behaviour is that the webservice was on an ubuntu machine, I was able to access the webservice even from the device, when I move in Windows, the things going bad.

Thank you in advance.


Check this article:

(from the article)
Install the latest Apache Cordova Whitelist Plugin like the following:

cordova plugin add cordova-plugin-whitelist

Per the official documentation you should also add a Content Security Policy to prevent Android from complaining, although it isn’t required in all scenarios. To allow everything, add the following to your www/index.html file right below the other meta tags:

<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">

Hi bholub1,

I’ve already installed this plugin, but still not working.

I see that when I run from browser, my request header use Origin:http://localhost:8100, instead, when I run in android device, the request header use Origin:file://.

Could be this the problem?

Thank you


can i know whether you call your api inside a service or you directly use $http method inside your controller?

This is the Service:

.service('LoginService', function($q, $http, ApiEndpoint) {
    return {
        loginUser: function(username, password, isWebView, isAndroid) {
        	var serverAddress = window.localStorage['SERVER_ADDR'];
          var nodo = window.localStorage['NODO'];
        	var deferred = $q.defer();
          var promise = deferred.promise;

          if (isWebView && !isAndroid) {
            serverAddress = ApiEndpoint.url
        	if (serverAddress && serverAddress != "") {
        		$ + '/login', {
	            "username": username,
	            "password": password
	          }).success(function(response, status, headers, config) {
	            if (response && response.account == username && response.password == password) {
	            } else {
	          }).error(function(response, status, headers, config) {               
        	} else {
        	promise.success = function(fn) {
            return promise;
          promise.error = function(fn) {
            promise.then(null, fn);
            return promise;
          return promise;

Well…at the end the problem was very stupid…

The problem was the CORSFilter in the web.xml file in my Java project, once removed, everything restart working properly.

Thank you


can u describe in detail… i m facing same issue.


Could you please tell us what exactly have you done to solve your problem ??? I am facing the same thing.