Hello, I have a mobile app that uses html, css and javascript and works as a simple web system interface. This app uses an iframe on the main page to open this system. The web system has two login and password pages and one for data visualization. I through the mobile application access the login page of the web system and send user and password using HttpXmlRequest (get) thus logging in. At that moment it automatically happens the redirected to the data visualization page or the server returns as response to the page displayed. All of this is ok.
I need to do the following: get users to log in only once and no longer need to do so until their password expires in siteminder (approximately 6 months) only then the login screen and the credentials of the requested user. I know that the CORS (Cross-Origin Resource Sharing) policy can make my work difficult. I also know that I could add header ("Access-Control-Allow-Origin: *") on the server that would make my job easier but not I have access to this server the whole solution will have to be by the client side. Anyone have any suggestions? my code:
<html>
<head>
<meta http-equiv="Content-Security-Policy" content="default-src 'self' * gap://* unsafe-inline' 'unsafe-eval'"/>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<meta name="format-detection" content="telephone=no">
<meta name="msapplication-tap-highlight" content="no">
<meta name="viewport"
content="user-scalable=no, initial-scale=1, maximum-scale=1, minimum-scale=1, width=device-width">
<link rel="stylesheet" type="text/css" href="css/index.css">
</head>
<body>
<iframe id="minha-page" frameborder="0" allowtransparency="true"class="minha-page-iframe">
</iframe>
</body>
<script type="text/javascript" src="cordova.js"></script>
<script type="text/javascript" src="js/index.js"></script>
</html>
Javascript
loadMinhaPage: function () {
let minhaPageURL = "https://aplicacaoweb.com.br";
if (navigator.connection.type !== Connection.NONE) {
this.showLoading();
var httpRequest = new XMLHttpRequest();
httpRequest.onreadystatechange = function() {
if (httpRequest.readyState === 4) {
if (httpRequest.status === 200) {
// Success
let iframe = document.getElementById("minha-page");
iframe.src = statusPageURL;
iframe.style.display = "block";
} else {
// Failure
app.showError();
}
}
};
httpRequest.open('GET', minhaPageURL);
httpRequest.send();
} else {
this.showError();
}
}