AngularJS application within a Chrome Packaged App's sandbox: routeProvider causing XmlHttpRequests which are prohibited...

546 views

Skip to first unread message

Steve Bannerman

unread,

Sep 6, 2013, 2:44:13 PM9/6/13

to ang...@googlegroups.com

All,

The AngularJS framework has been recommended as an MVC framework for developing Chrome Packaged Apps.

http://developer.chrome.com/apps/angular_framework.html

However, Chrome Packaged Apps either cannot do "dangerous" things (like eval, setTimeout, setInterval) in the root container and they cannot send XmlHttpRequests from a sandbox. From what I can gather, the recommended approach is to place applications that (may) need both in a sandbox and to perform XmlHttpRequests indirectly, by messaging the container and having it do the XmlHttpRequests.

https://groups.google.com/a/chromium.org/forum/#!topic/chromium-extensions/z7FSk_HEe40

https://code.google.com/p/chromium/issues/detail?id=139195

We've been able to refactor our AngularJS application so that our explicit XmlHttpRequests are done indirectly, through messaging from the sandbox application to the container application. However, there are some implicit (to us) XmlHttpRequests being made by the routeProviderModule, which I'm guessing are being delegated to the AngularJS $http service (http://docs.angularjs.org/api/ng.$http), which is then issuing the XmlHttpRequests. Some angular.js source code exploration has lead me to believe this.

Here's a representative error that I see in the sandbox part of the application:

XMLHttpRequest cannot load chrome-extension://kcjobhemdlclmiiiiacmclhmnmoedmml/app/path/to/some/page.html. Cannot make any requests from null.

And here's part of how we're configuring the route provider:

angular.module('routeProviderModule', []).config(['$routeProvider', function ($routeProvider) {

$routeProvider.when('/SomePath', {templateUrl: 'path/to/some/page.html'});

}]);

Is there a way to configure AngularJS so that resources will be loaded "locally" within a sandbox, rather than through HTTP (and specifically through XmlHttpRequests)?

Thanks in advance for any advice and/or guidance.

Cheers

giu mik

unread,

Nov 3, 2013, 11:10:04 AM11/3/13

to ang...@googlegroups.com

Hi Steve,

have you tried setting the whitelist of urls starting with chrome-extension? Something like:

App.config( [

'$compileProvider',

function( $compileProvider )

{

$compileProvider.urlSanitizationWhitelist(/^\s*(https?|ftp|mailto|chrome-extension):/);

}

]);

Please let me know

Giu

Reply all

Reply to author

Forward

0 new messages