Oauth2 (Dropbox) on iOS
merakosp at gmail.com
Wed Jul 25 10:16:43 EDT 2018
The "App URL Query Whitelist" field is for specifying a list of custom url
schemes that the standalone can launch (using the "launch URL
custom_url_scheme" command) on iOS 9+.
See bug https://quality.livecode.com/show_bug.cgi?id=18687 for more details.
On Wed, Jul 25, 2018 at 2:56 PM, Ben Rubinstein via use-livecode <
use-livecode at lists.runrev.com> wrote:
> Aha! Thanks Sean, that was a good tip: I now understand the problem.
> On simulator, my cut-down test app worked fine.
> On device, console shows:
>> App Transport Security has blocked a cleartext HTTP (http://) resource
>> load since it is insecure. Temporary exceptions can be configured via your
>> app's Info.plist file.
> The Oauth2 library requires the redirect URL to be of the form
> `http://127.0.0.1:port` - you pass the port number to the library, it
> assumes the `http://127.0.0.1`.
> The Dropbox app setup allows you to specify an HTTP redirect (but only for
> localhost redirect URLs). So this is all good - except it appears that iOS
> is not so happy! Not sure why an http connection to localhost should be
> insecure, but there you go. (Or indeed why ATS doesn't kick in on the
> I've posted a report in the QCC (#21442) to extend Oauth2 command to in
> some way allow the redirect URL to be HTTPs.
> In the meantime, I resigned myself to doing a custom info.plist, but found
> something that I'd not spotted before in the iOS Standalone Spp Settings:
> "App URL Query Whitelist" - which I thought might be exactly what I needed.
> Although I couldn't find any documentation for it.
> I still don't know what it does - but it doesn't do this! Does anyone know
> what it does do?
> There is also a checkbox "Disable ATS" - checking this displays a dire
> warning, doubtless correctly; but does indeed provide an easier way to
> solve the problem, at least for development. What it would do to your
> chances of getting an app into the App Store is another question.
> I've also added a report in the QC (#21444) - I thought I'd done this
> before, but maybe I just whinged on the mailing lists - for the Standalone
> Builder to support generic additions to the info.plist rather than
> requiring a completely separate one for anything unsupported.
> On 24/07/2018 22:22, Pi Digital via use-livecode wrote:
>> Open a console with either the device connected or the simulator and see
>> what calls are made when the allow button is pressed
>> On 24 Jul 2018, at 19:20, Ben Rubinstein via use-livecode <
>>> use-livecode at lists.runrev.com> wrote:
>>> I feel I've been through this before, but I've not been on it for a
>>> while, and I'm still (again) stuck.
>>> Using Oauth2 to connect an app to the Dropbox API works fine on desktop.
>>> On iOS, I get the overlay; with the Dropbox log-in; I sign in, and it
>>> then shows the message that this app would like access to the files in
>>> Dropbox, with buttons (from Dropbox) Cancel or Allow (and a link "Learn
>>> However, neither the Cancel nor Allow buttons do anything. Fortunately
>>> there is now an LC 'cancel' button at the bottom of the overlay (thanks
>>> Monte! https://github.com/livecode/livecode/pull/6315).
>>> But something's not happening which should (I assume) happen when the
>>> user touches "Allow". (There is a tiny bit of visible feedback.)
>>> I know on a previous occasion I solved my issue with inclusions, but I
>>> don't think that's the problem this time. I have (manual inclusions) the
>>> Browser widget, the JSON and Oauth2 libraries, and the internet library.
>>> The call to Oauth2 is wrapped in a try block, and I'm not seeing a catch
>>> (can't be sure that I would, but when I use the new emergency cancel, my
>>> script just reports "Not authorised" where if I drop the Oauth2 library, I
>>> get a dialog reporting the catch).
>>> What am I missing? Is anyone else able to succesfully connect to Dropbox
>>> using the Oauth2 library on LC 9.0.0, iOS 9.3 (or any similar environments)?
>>> use-livecode mailing list
>>> use-livecode at lists.runrev.com
>>> Please visit this url to subscribe, unsubscribe and manage your
>>> subscription preferences:
>> use-livecode mailing list
>> use-livecode at lists.runrev.com
>> Please visit this url to subscribe, unsubscribe and manage your
>> subscription preferences:
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
More information about the use-livecode