React-native-webview: HTTPS error using static html

Created on 12 Apr 2020  路  3Comments  路  Source: react-native-webview/react-native-webview


Bug description:

I'm getting an error from my Stripe Integration when using live. 

IntegrationError: Live Stripe.js integrations must use HTTPS.

I'm wondering if there is a way to set the WebView to https.

To Reproduce:

<WebView
  source={{
       html: stripeCheckoutHTML(clientSecret),
   }}
/>

Environment:

  • OS: Mac OS
  • OS version: 10.15.3
  • react-native version: 0.60.4
  • react-native-webview version:8.2.0
Stale bug report
Source
picture rezvalari

Most helpful comment

Regarding android i found something on
Android Developer Doc

If a valid HTTP or HTTPS base URL is not specified in baseUrl, then content loaded using this method will have a window.origin value of "null". This must not be considered to be a trusted origin by the application or by any JavaScript code running inside the WebView (for example, event sources in DOM event handlers or web messages), because malicious content can also create frames with a null origin. If you need to identify the main frame's origin in a trustworthy way, you should use a valid HTTP or HTTPS base URL to set the origin.

Instead of putting baseUrl: ''
I inserted my backend endpoint for baseUrl and its working for me

picture legend27sg on 19 Apr 2020
2 🎉2

All 3 comments

I was able to fix this on iOS by adding baseUrl: '' but it is still a problem in Android unfortunately

<WebView
  source={{
       html: stripeCheckoutHTML(clientSecret),
       baseUrl: ''
   }}
/>
rezvalari picture rezvalari on 12 Apr 2020
🎉1

Regarding android i found something on
Android Developer Doc

If a valid HTTP or HTTPS base URL is not specified in baseUrl, then content loaded using this method will have a window.origin value of "null". This must not be considered to be a trusted origin by the application or by any JavaScript code running inside the WebView (for example, event sources in DOM event handlers or web messages), because malicious content can also create frames with a null origin. If you need to identify the main frame's origin in a trustworthy way, you should use a valid HTTP or HTTPS base URL to set the origin.

Instead of putting baseUrl: ''
I inserted my backend endpoint for baseUrl and its working for me

legend27sg picture legend27sg on 19 Apr 2020
2 🎉2

Hello 馃憢, this issue has been opened for more than 2 months with no activity on it. If the issue is still here, please keep in mind that we need community support and help to fix it! Just comment something like _still searching for solutions_ and if you found one, please open a pull request! You have 7 days until this gets closed automatically

github-actions[bot] picture github-actions[bot] on 19 Jun 2020
Was this page helpful?
0 / 5 - 0 ratings

Related issues

niranjan-b-prajapati picture niranjan-b-prajapati  路  3Comments
TheMakerOleguch picture TheMakerOleguch  路  3Comments
apostopher picture apostopher  路  3Comments
emeraldsanto picture emeraldsanto  路  3Comments
codesinghanoop picture codesinghanoop  路  3Comments