I have an app built with Corber for Ember-Cordova. Xcode version 9.3 cordova-ios@4.5.4 All dependencies updated to latest versions.
I'm testing on simulator as I don't have a development iPhone that can install iOS 11.
The app loads fine on iOS 11.2 and earlier - but on iOS 11.3 it gets stuck at the splash screen. After a while I see a loading icon, but the page never changes.
By analyzing with Safari as soon as the app starts loading, I can see that the the js scripts and the css are not being loaded from /www/index.html. This is what I see in the console log:
Cannot load script file:///Users/username/Library/Developer/CoreSimulator/Devices/07A01A47-573B-4D25-ABE3-AV9179985ABF/data/Containers/Bundle/Application/7976FE33-BLO3-21E9-A055-707AAC68468B/App%20Name.app/www/assets/vendor-e8t893cf6a6bg0f81f23d4a68ae6ffde.js. Failed integrity metadata check.
I've tried to find info on an 'integrity metadata check', and as far as I can see, it's being run by iOS to verify the checksum of the scripts being imported. In /www/index.html within Xcode I can see that the script tags have "integrity" properties, which are two checksums - one sha256, and one sha512. e.g.
<script src="assets/vendor-e8e903cf6a6bf0f81f23d4b68ae6ffde.js" integrity="sha256-MPm9fFc7ljuslonkMxW0TnQOAcy6KgJ4zLs+ptl/b58= sha512-oIqpQbUMPLBbSASoSCJ/+z55y2g6NlBzhTE3V+uDt8TNeJam5GAWoGT/D2u4ihIxE586JPu3c+r4GaUpjUWCAw=="></script>
So I guess what's happening is that somehow iOS 11.3 is checking the checksums of the files, comparing to their "integrity" property and not getting a match. Does anyone know what could be causing that to happen and how it could be fixed?
N.B. Although on the face of it this is about not being able to load resources, I don't think this is to do with the content security policy - I've tried several iterations of the content security policy in /www/index.html - most recently:
default-src * gap://ready file:; style-src 'self' 'unsafe-inline' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *
None of those seem to have made a difference and I would expect to see an error related to content security policy if it was an issue.
Aucun commentaire:
Enregistrer un commentaire