Within the mother or father .htacess file I’ve the next:
SetEnvIf X-Requested-With "com.myapp" isMyApp
Header at all times set Entry-Management-Enable-Origin "*"
Header at all times set Content material-Safety-Coverage "frame-ancestors 'self' com.myapp *.mydomain.com " env=!isMyApp
Header at all times set Content material-Safety-Coverage "upgrade-insecure-requests;"
In a sub-folder .htaccess file I’ve the next:
SetEnvIf X-Requested-With "com.myApp" isMyApp
Header at all times set Entry-Management-Enable-Headers "X-Requested-With" env=isMyApp
In my app, I’m including the X-Requested-With to server calls when accessing recordsdata in that sub-folder. On Android it appears to be working; I get no errors, which is telling me its working. However on iOS, I get:
Did not load useful resource: Request header area X-Requested-With will not be allowed by Entry-Management-Enable-Headers
Which is telling me that its not working for iOS. In my developer instruments I see that I’m passing the header X-Requested-With for Android and iOS. How might it work for one and never the opposite?
