Ionic2 RC5, body removed from POST/PUT calls


#1

Hi,

I was wondering if anyone encountered a problem where the body of POST/PUT requests is being removed? (data is visible in the safari inspector, but is not there when inspected via wireshark).

The problem began when we upgrade to RC5 (no other changes happened as far as we can tell).

I’ve seen one other report of this on stack overflow (http://stackoverflow.com/questions/41872521/post-requests-not-working-on-ios-in-ionic2-app) - we will test https later next week, but I’m uncomfortable with that solution (as in not knowing why this is happening)


Http post from device has no content
#2

I think Apple flipped a switch and disallowed non-TLS requests. There was another very similar thread recently.


#3

Is there an official response from Ionic / Apple?
Happy with moving to HTTPS just worried it’s a bigger issue that will come back to bite us when we lunch


#4

Apple said at last year’s WWDC that they were going to require TLS for all apps by the end of the year (2016). I don’t recall seeing anything more recent.


#5

There was an announcement from them this past December.

https://developer.apple.com/news/?id=12212016b

Really, this is good. Non-secure links are just that, not secure.
Pretty soon chrome/android will do this soon as well


#6

Just saw that… I guess the best I can say is that having the Safari inspector show you that data is being sent while it’s actually being removed isn’t helpful (and so is the lack of docs).

Anyhow thanks that seems to answer my questions. I agree it’s a good move, but it will make developing painful…


#7

If you mean getting certs is a hassle, check out Let’s Encrypt.


#8

Thanks,

Since the Safari inspector is useless (the data we see is just wrong as the current example proved) we moved to inspect data via wireshark (packet analyzer) but this becomes useless if the data is encrypted.

There’s other solutions, just a bit painful


#9

I’ve spent so many days trying to find a workaround. Luckily our company made a right decision to move completely to HTTPS. So I guess it’s time to remove cordova-whitelist plugin from the code completely?