Currently, you can use Astro to build both iOS and Android applications.
For iOS, Astro supports iOS 9 and above. The Astro SDK and Astro apps are built using Xcode 10 and Swift 4.2.
For Android, Astro supports Android 4.4 and above. The Astro SDK and Astro apps are built using Android Studio 3.x.
Astro integrates Cordova allowing you to use existing Cordova plugins in your Astro app.
Astro currently uses the following versions of Cordova:
Site Requirements #
Astro puts very few requirements on the website that you use with an Astro app.
There is one important caveat though: Content-Security-Policy (CSP). If your
site is served with a CSP header (not
<meta http-equiv="Content-Security-Policy"> tag) you must make sure it is
compatible with Astro.
Content Security Policy is a security standard that helps to reduce Cross-site Scripting (XSS) attacks by declaring what resources a page may load. Put simply, it tells the browser where the page may fetch resources from.
The Astro client uses a custom URL scheme (
astro://) to enable communication
between the hosted website and other parts of Astro. If the server serves the
Content-Security-Policy header and it does not explicitly allow the Astro
astro://), then Astro will not work on that page/website.
When starting a new project, make sure to check if your site is served with a
Content-Security-Policy header. If so, add the Astro scheme to the
directive. If no
child-src directive exists, be sure to separate the existing
Content-Security-Policy directive from the
child-src one by a semi-colon.
< Content-Security-Policy: default-src 'self' https: data: ;script-src https: 'unsafe-inline' 'unsafe-eval' ; style-src https: 'unsafe-inline' 'unsafe-eval'; > Content-Security-Policy: default-src 'self' https: data: ;child-src astro:; script-src https: 'unsafe-inline' 'unsafe-eval' ; style-src https: 'unsafe-inline' 'unsafe-eval';