breautek commented on PR #629: URL: https://github.com/apache/cordova-plugin-file/pull/629#issuecomment-2416711762
> If an application is built with the AndroidInsecureFileModeEnabled option set to true in config.xml, the toURL method returns the content:// URL which is not accessible directly from WebView as @breautek found out (see https://github.com/apache/cordova-plugin-camera/pull/889#issuecomment-2233226006). > > Is there a way to have this working with AndroidInsecureFileModeEnabled? In my case, I could just disable that flag, which I probably added as a temporary solution for a long-gone problem. I don't think so. With `AndroidInsecureFileModeEnabled` enabled, the `toURL` passes through the underlying URL, which in this case is a `content://` url. If the file entry has a native file path it will return a `file://` url. So this is working as intended. Even if we resolve the content:// path to a file:// path (which is effectively what we are doing in our current releases), the file:// path is not usable on API 29 (due to the lack of FUSE support), and on API 30+ requires READ_EXTERNAL_STORAGE, or READ_MEDIA ON API 33+, which is the permissions we are trying to strip the requirement for. `AndroidInsecureFileModeEnabled` was provided to buy developers time to migrate off of file-based protocol, since that can be an extensive change. That was introduced in Cordova-Android 10, which is when the `WebViewAssetLoader` implementation was introduced, in July 2021. If developers haven't done that migration yet in the 3 years, that's on them in my opinion. I could add a note somewhere in the documentation for this caveat though. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@cordova.apache.org For additional commands, e-mail: issues-h...@cordova.apache.org
