When developing an Ionic app with Angularfire integration and then deploying and running on an iPhone device, the app would often open the Safari app then show the Firebase project webpage with this url: https://app-project-name.firebaseapp.com.
This is defiantly a bad user experience and a potential security risk as it exposes to any attacker the real firebase project url.
Apparently, this does not seem like an Ionic issue. This looks like a Firebase issue, so it wont help if I opened an issue on Ionic github. I have posted here hoping that someone with the same issue figured this out.
I already have opened an issue in Angularfire GitHub repo (https://github.com/angular/angularfire/issues/2641), but it was closed because “there are other issues and solutions to this going around & it’s not specific to AngularFire”.
I’m looking right now at this github issue, but could not figure out what to whitelist.
Does downgrading cordova-ios to 5.x.x affect the WKWebView requirement? coz cordova-ios@^6.0.0 is also affected.
And it seems to work for me with the 6.1.1.
I hope they will adopt directly this PR into the next upgrade of cordova-ios 6.1.2 because I’m afraid about downgrading my project and have a lot of other issues…