For our application, we are using the video player of an enterprise video platform. Using the web application, we can perfectly show videos. With the hybrid application however, we get an 'entry restricted due to access-control' error. Looking at the request headers, I see that the webapp-request contains a referer. The hybrid app does not contain the referer header, but does contain an X-Requested-With header that contains the Android package name. During a quick Google search on these headers, I found that Cordova often uses Cross-domain/Cross-origin requests and I know that the video platform is pretty strict on domain authorization. I also saw that there is a Cordova plugin to add a header to an HTTP request, but the requests are not coming from our application directly; they are coming from an external script that we load. Does anyone know a solution to convert these kind of requests to trusted requests?
We had trouble whit Youtube to load through iframe. Don't know it helps; we added this to the config
<!-- allow assets to be loaded and open links in the app itself, see: http://phonegap.com/blog/2012/03/20/access-tags/ -->
<!-- Issue 204079: Allow retrieval of any resource. Custom widgets can point to anything. -->
<access origin="*" />
<!-- zorgen dat iframes blijven werken op IOS: http://stackoverflow.com/questions/38343819/iframe-on-cordova-app-not-working -->
<allow-navigation href="*" />