Capacitor plugin to bypass CORS & same origin policy for iframe.
This plugin overrides the
shouldInterceptRequestbehavior of your webview.
As the core purpose of this plugin, shouldInterceptRequest needs to be leveraged to determine the outgoing requests and eliminate the X-Frame-Options and Content-Security-Policy headers present on the incoming responses for them to work in the embeded iframes.
- Android
npm install capacitor-plugin-xframe
npx cap syncAdd these options in either capacitor.config.json or capacitor.config.ts.
Customize the outgoing requests' User-Agent header. Useful to modify the resulted responses.
{
...
"plugins": {
"Xframe": {
"userAgent": "<your_custom_user_agent>"
}
}
}A list of domains/URLs to ignore from intercepting.
{
...
"plugins": {
"Xframe": {
"ignore": ["google.com", "https://www.facebook.com"]
}
}
}register() => Promise<void>Registers the plugin to your app.
Registering this plugin will override the shouldInterceptRequest behavior of your webview.
addListener(eventName: 'onLoad', listener: LoadEventListener) => Promise<PluginListenerHandle> & PluginListenerHandleListens to requests of document type and returns some useful information.
| Param | Type |
|---|---|
eventName |
'onLoad' |
listener |
LoadEventListener |
Returns: Promise<PluginListenerHandle> & PluginListenerHandle
addListener(eventName: 'onError', listener: ErrorEventListener) => Promise<PluginListenerHandle> & PluginListenerHandleListens to failed requests (of any type)
| Param | Type |
|---|---|
eventName |
'onError' |
listener |
ErrorEventListener |
Returns: Promise<PluginListenerHandle> & PluginListenerHandle
| Prop | Type |
|---|---|
remove |
() => Promise<void> |
| Prop | Type |
|---|---|
url |
string |
title |
string |
favicon |
string |
| Prop | Type |
|---|---|
url |
string |
statusCode |
number |
message |
string |
(eventData: LoadEventData): void
(eventData: ErrorEventData): void