cordova-network-interceptor
Advanced tools
network interceptor for cordova app that will fix all protocol relative url requests to use https
Network interceptor for cordova app that will fix all protocol relative url requests to use https
Cordova is essentially a web view that serves files from the file system. As such, the protocl of the "url" it uses is file: (e.g. file://android_assets/www/index.html).
It is a common practice when writing modules, to reference urls to be used using the "relative protocol" // (e.g. //www.googleapis.com/widget.js).
In cordova, this causes the url to be fetched with the file: protocol, which causes faliures and unloaded external libraries.
For example, //www.googleapis.com/widget.js will be translated to file://www.googleapis.com/widget.js.
To overcome the issue, the library will monkey patch a few things to force the urls to be using the https: protocol.
The library performs 4 operations:
document.createElement method, which is used (amongst other things) to add dynamic scripts to be fetched by the browser.
The patch will alter the script src property if needed to use a proper protocol.Image constructor, which is commonly used to fire pixels. The patch will alter the image src property if needed to use a proper protocol.XMLHttpRequest object, to alter the url if needed to use a proper protocol, before the request is being executed.fetch API, to alter the url if needed to use a proper protocol, before the request is being executed.So, for example, if any script, no matter how fetched and when, will use //www.googleapis.com/widget.js as its source, it will be translated and fetched by the https://www.googleapis.com/widget.js correct url.
npm install cordova-network-interceptor --save
or
yarn add cordova-network-interceptor
Add at the TOP of the <head> element
<script src="node_modules/cordova-network-interceptor/dist/index.js"></script>
The code introduced here is inspired by a mesh up of code examples taken from:
FAQs
network interceptor for cordova app that will fix all protocol relative url requests to use https
We found that cordova-network-interceptor demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Company News
Socket won two 2026 Reppy Awards from RepVue, ranking in the top 5% of all sales orgs. AE Alexandra Lister shares what it's like to grow a sales career here.
Security News
NIST will stop enriching most CVEs under a new risk-based model, narrowing the NVD's scope as vulnerability submissions continue to surge.
Company News
/Security News
Socket is an initial recipient of OpenAI's Cybersecurity Grant Program, which commits $10M in API credits to defenders securing open source software.