Cordova application store submission problem: The Application cannot include an ApplicationContentUriRule with 'all' or 'allowForWebOnly' WindowsRuntimeAccess RRS feed

  • Question

  • I have an Ionic(3) Cordova application, where I want to include a Windows UWP version. On iOS and Android I have no problems, but UWP I just cannot get my ajax to work and be store compliant. My issue is with my ajax calls being blocked on corporate networks as outlined here

    So, the issue was I needed to add privateNetworkClientServer, which when testing locally, fixed the blocking issue. Also, as explained in the link, I have attempted to add the "local mode".

    Now, when I submit to the store, it is rejected with the following..

    Error Found: The app manifest test detected the following errors:
        o    The Application cannot include an ApplicationContentUriRule with 'all' or 'allowForWebOnly' WindowsRuntimeAccess while any of the following capabilities are enabled: enterpriseAuthentication, sharedUserCertificates, musicLibrary, picturesLibrary, videosLibrary, removableStorage, documentLibrary, internetClientServer, privateNetworkClientServer.

    So, now I am trying to remove the

                <uap:Rule Match="http://localhost:8080/*" Type="include" WindowsRuntimeAccess="all" />

    from the appmanifest, but when I do the Ionic/Cordova build, it keeps adding it back.

    It seems there is something wrong with everything I do, all I want to do is run ajax calls across a network (seems like a pretty common case to me)

    Anyway, does anyone have any ideas on this latest problem, Ie the

     <uap:Rule Match="http://localhost:8080/*" Type="include" 
         WindowsRuntimeAccess="all" />

    Thanks in advance for any help.

    Saturday, October 27, 2018 8:33 AM

All replies

  • This is a fundamental logical conflict between the certification rules Microsoft implements for UWP Store Apps and the Cordova build system Microsoft implements in Visual Studio 2015 or 2017 or whatever. Finally there is no out-of-the box way to create UWP Apps that can be certified for Microsoft Store, if they use one of the following features: enterpriseAuthentication, sharedUserCertificates, musicLibrary, picturesLibrary, videosLibrary, removableStorage, documentLibrary, internetClientServer, privateNetworkClientServer

    Most annoying for app developers of course the lack of access to Picture, Documents, Music or Video Libraries.

    So, pls, Microsoft, provide the source code for at least one single sample project in your collection of Windows 10 UWP samples for a Cordova App here:

    that is compliant with your brilliant certification rules. If you want maybe anyone else to build UWP apps based on web technology for your Store ever.

    P.S.: In addition, remembering your collection of "Windows-universal-samples" codes on GitHub. There's a sample project CameraOpenCV. Have you ever tried to self-certificate your own sample? Oh, you may crash with the libraries you reference from at nuget ;) Would have been nice to the developers to inform them about that they need to download the full source code of of the OpenCV libraries themself and create their own makefiles to come to a result after some work to do and get that kind of DLLs, that might accomplish to your brilliant Store certification rules. 

    But I know, testing your own program code isn't very common at your stall ;)

    P.P.S.: Beside all certification rules gimmicks you have implemented, You're also aware of that Google might provide a kind of App Store called "Play Store" that is far more like "Megaupload", allowing virtually everyone to upload virtually everything within less than half an hour? I know the concerns about security. But, Just, compare, what strategy is more successful at the market and what store is more beloved in all journalists publications ;)
    • Edited by g1b3t Wednesday, February 27, 2019 5:00 PM
    Wednesday, February 27, 2019 4:16 PM
  • I have another thread (not sure why I ended up with multiple) here, which ends up with how I got it working in my case, after spending an insane amount of time on it. (if look at the last two or 3 comments). May or may not be of some use?
    • Edited by Peter-j-c Thursday, February 28, 2019 1:49 AM
    Thursday, February 28, 2019 1:48 AM
  • Hello Peter & readers of the MSDN team,

    I felt again into this trap recently and want to add some remarks.

    At, first, thank you, Peter for your suggestions. But, it looks like that they won't help in most cases of more complex Cordova / JavaScript apps using additional libraries. There are remarks concerning this problen in Cordova documentation:

    Windows 10 introduces a new feature called "Remote mode" for HTML applications. Prior to it, Windows 8.1 apps worked on what is now termed as "Local Mode" in Windows 10, in which HTML Applications have full access to the native Windows API surface and capabilities. Local Mode disallows inline script in order to prevent script injection attacks, which could result in leaking personally-identifiable information due to malicious code. It also requires developers who perform DOM manipulation to do so within an explicit context (MSApp.execUnsafeLocalFunction).

    Remote Mode eliminates those requirements, which makes it possible to use unmodified libraries like jQuery or AngularJS directly in your code, without any changes. To do so, it removes your ability to declare certain capabilities when certifying your app in the Windows Store. The removal of these capabilities usually doesn't prevent accessing certain functionality, but it might require the use of a different combination of APIs or tactics.

    A work around all restrictions of "local mode" could result in the need of rewrite of dependent code or might be near to impossible with a realistic development effort, time frame and budget. 

    Usually the restriction, that might hurt developers most, is the lack of access to picturesLibrary. You may find the following tip in the Cordova documentation, too:

    Each of the library restrictions may be worked around by requesting that the user interact with the file system via a File Picker. This prevents malicious injected code from arbitrarily accessing the file system.

    But, this implies that the app won't need unattended access to the file system and instead only manual interaction by the user. So, in some cases this workaround could be a solutions. In other cases, like in our app the automatic import of pictures from scanner device that is connected locally via USB and writes into the picturesLibrary, this workaround does not work.  

    While Google and not even Apple has any problem with certifying apps based on the same source code, maybe there will be anyone at Microsoft rethinking about their in fact useless restrictions that only lead to JavaScript apps that are non- or less-functional or no longer submitted into the Microsoft store. 

    So my suggestion concerning these additional restrictions of access to the local libraries by apps is:


    You can be sure, in most cases the user better knows what he/she want to do with a certain app or device than your colleagues in Microsoft think that they might know about. So, the user can set in the Windows properties, if he/she want to allow access to the local device libraries or not.

    • Edited by g1b3t Sunday, October 13, 2019 10:05 AM
    Sunday, October 13, 2019 9:44 AM