我正在开发使用离子，的iOS和Android应用程序了。我在使用加载外部图像 NG-SRC 于网址：

I'm developing an application using ionic, iOS, and Android, too. I have to load external images using ng-src at url:

http://test.url.eu:1337/fileuploads/receive/552f6d1786a3ea3772000004

它工作正常，在iOS上，但在Android上我有不安全的错误，并且图像不加载。 我该如何才能解决这个问题？

It works fine on iOS, but on android I have unsafe error and the image is not loaded. How can I can fix this?

编辑： 它适用于Android的4.4和5个而不是＆LT; 4.4。我使用crosswolk ..三江源

It works on android 4.4 and 5 but not for < 4.4. I'm using crosswolk.. thankyou

推荐答案

我所在的应用程序在Android上的电脑，但404的工作太棒了类似的问题。 根据您的科尔多瓦的版本，在科尔多瓦的Andr​​oid 4.0.0公告看出，自科尔多瓦4.0.0它可能是你必须添加的科尔多瓦 -

I had a similar problem where the app worked great on PC but 404's on android. Depending on your Cordova version, as seen at Cordova Android 4.0.0 announcement, since Cordova 4.0.0 it could be you must add the cordoba-

白名单功能改组

  您将需要添加新的科尔多瓦 - 插件白名单的插件来继续使用白名单   设置内容安全性策略（CSP），现在支持，并是推荐的方式，以白名单（见插件自述详情）   在网络请求默认情况下阻止无插件，所以安装这个插件，甚至允许所有的请求，即使您正在使用CSP。   在这个新的白名单中得到了增强，更加安全和可配置的，但   遗产白名单的行为仍然可以通过一个单独的插件（不推荐）。   注：虽然本次发行不严格一部分，由科尔多瓦-CLI创建最新的默认应用程序将包含此插件默认    You will need to add the new cordova-plugin-whitelist plugin to continue using a whitelist Setting a Content-Security-Policy (CSP) is now supported and is the recommended way to whitelist (see details in plugin readme) Network requests are blocked by default without the plugin, so install this plugin even to allow all requests, and even if you are using CSP. This new whitelist is enhanced to be more secure and configurable, but the Legacy whitelist behaviour is still available via a separate plugin (not recommended). Note: while not strictly part of this release, the latest default app created by cordova-cli will include this plugin by default.

要安装：科尔多瓦插件添加https://github.com/apache/cordova-plugin-whitelist.git 。

在此，你将需要添加的强制性内容安全策略：（一个简单的尝试是：＆LT; META HTTP-当量=内容安全性政策的内容=默认-src *; IMG-SRC *;风格-src的'自我''不安全的内联;脚本的src'自我''不安全的内联'不安全-EVAL'＆GT; 但我会建议阅读的选项为： http://content-security-policy.com ）。 不要忘记检查你的的config.xml 定义接入​​原点（最简单的是＆LT;获得原产地=*/＆GT; ）。如果仍然不能正常工作看看 https://github.com/apache/如果您需要导航或意图白名单科尔多瓦 - 插件白名单＃导航白名单看。 祝你好运！

After this you'll need to add the mandatory content security policy: (a simple one to try out is: <meta http-equiv="Content-Security-Policy" content="default-src *; img-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'"> but i would recommend reading about the options at http://content-security-policy.com). Don't forget to check your config.xml for defining access origin (simplest is <access origin="*"/>). If still does not work have a look at https://github.com/apache/cordova-plugin-whitelist#navigation-whitelist to see if you require navigation or intent white-listing. Good luck!