Hello, After an Android security audit, we need to disable in the WebView, the WebSettings attributes "AllowFileAccess" because we don't use this feature that may introduce security issue.
I'm developing an ionic3 application based on Cordova-android 6.4.0 The Webview initialisation code seems to be here : org.apache.cordova.engine.SystemWebViewEngine All the attributes setting like AllowFileAccess are in the initWebViewSettings method (https://github.com/apache/cordova-android/blob/6.4.x/framework/src/org/apache/cordova/engine/SystemWebViewEngine.java#L147). How can I change the settings for AllowFileAccess without editing the code ? Is it possible to implements something, so i can configure WebSettings in config.xml for exemple, or elsewhere ? I can simply edit the java code of the class in the platform android, after the cordova add platform, and before to build the apk. But i think it would be better if we can configure it in an other way. Or maybe, it could be done with a cordova-plugin ? I tried myself, but failed, to retrieve the WebSettings of the original android.webkit.WebView from the CordovaWebView... Thanks for your help Stéphane
