iOS CORS Issue on Ionic 2, works in Ionic 1

While loading an image, we get the standard 'Cross-origin image load denied by Cross-Origin Resource Sharing policy.'
This is despite us having img-src * in our CSP meta-tag.
The same code works in Ionic 1.

Any pointers/suggestions?

May not be your answer, but that works for me.

In my html pages

<img [src]="pictureUrl"/>

and in index.html if you want to open everything something like

<meta http-equiv="Content-Security-Policy" content="default-src * data: gap:; img-src 'self' * data:; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *; connect-src 'self' *;">

Thanks Reed for your reply. We did try updating the Content Security Policy to completely open, and we still get this error.
That is making us wonder whether Ionic is doing any additional security checks on top of what we give in the index.html meta-tag in one of their tags.

Thanks to @perry for directing us to the problems with WkWebView and UIWebView, we found the root-cause of the issue.
It was in fact the WkWebView that was causing the CORS problem. We removed it, and we don’t have the CORS problem anymore.

@reedrichards - Your post on this same issue was added confirmation too, Thanks.

1 Like