What should be allowed origin for AWS CORS for Cordova app

Question

As per all the tutorials, to enable CORS on AWS S3 bucket, following configuration should be done. I have done this and it works for cordova app and works fine. Here, we are allowing - origin as - * which enables all the sites. How can I restrict it to only my cordova app developed in html5 for android/ ios. What should be the value in AllowedOrigin tag for cordova app to allow only my app to access the bucket.

<CORSRule>
        <AllowedOrigin>*</AllowedOrigin>
        <AllowedMethod>PUT</AllowedMethod>
        <AllowedMethod>POST</AllowedMethod>
        <AllowedMethod>DELETE</AllowedMethod>
        <AllowedMethod>GET</AllowedMethod>
        <MaxAgeSeconds>3000</MaxAgeSeconds>
        <ExposeHeader>ETag</ExposeHeader>
        <AllowedHeader>*</AllowedHeader>
        <AllowedHeader>Authorization</AllowedHeader>
    </CORSRule>

score 0 · Answer 1 · answered Jul 06 '15 at 12:54

0

You can specify the origins that you want to allow cross-domain requests from, for example, http://www.example.com. The origin string can contain at most one * wildcard character.You can also specify https://*.example.com to enable only secure origins.

answered Jul 06 '15 at 12:54

Sriram85

51
1
6

For website, it is quite straight forward, as you have suggested. I want to know for cordova app (Android or iOS) installed on the mobile.What is url for such installed apps ? – user3587767 Jul 06 '15 at 14:41
Please were you able to solve this? I am also having similar problem – David Addoteye Jan 05 '16 at 17:43

score 0 · Answer 2 · edited May 23 '17 at 11:52

0

You can follow this topic. Basically CORS does not apply to file:// sources which is what cordova uses.

CORS, Cordova, AngularJs $http and file:// confusion

edited May 23 '17 at 11:52

Community

1
1

answered Jan 05 '16 at 17:56

David Addoteye

1,587
1
19
31

What should be allowed origin for AWS CORS for Cordova app

2 Answers2