angularjs - Refused to connect to [Any Url] because it violates the following Content Security Policy directive

Question

I am trying to access data within post method and its name is Login() but when URL is transfer to its location at that time Error is generated.

Error:-Refused to connect to 'http://smartlearner.com/SmartLearner/UserAccount/[email protected]&Password=12345&crossDomain=true' because it violates the following Content Security Policy directive: "default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'". Note that 'connect-src' was not explicitly set, so 'default-src' is used as a fallback.

I packed the "Allow-Control-Allow-Origin: *" extension and installed it into chrome but it does not work.

Code

 $scope.Login = function (callback) {
    $http({
        method: "Post",
        url: "http://smartlearner.com/SmartLearner/UserAccount/LearnerLoginByMobileApp",
        params: {
            Password: $('#Password').val(),
            Email: $('#Email').val(),
            crossDomain: true
        }
    }).success(function (data) {

        //Do Something here

    }, callback)
    .error(function (data, errorThrown) {

       //Do Something here

    }, callback);
};

Answer 1

You need to install the whitelist plugin to allow XHR support in your Cordova app. You can't make external requests without it.

Run: cordova plugin add https://github.com/apache/cordova-plugin-whitelist.git