Hi!
We are building a phonegap app that will include som mapping features using phonegap/Cordova. Cordova serves up HTML/JS files in a webview on the smartphone straight from "disk" using the file:// protocol. This seems to be confusing the JS APIs, and the referrer is not included when a request to a secure service is made, hence the token is considered invalid.
Is this a bug in the JS API, or is there a known workaround? We cannot have username/password stored on the devices, and the devices will change IPs frequently. Our current solution is to serve a token to the clients based on their IP that they can use, but this is not ideal.