Declare CAMERA in AndroidManifest so RustWebChromeClient can show the system permission dialog. Inject Permissions-Policy meta for camera access in the Tauri shell.
Inject a Tauri shell script during CI prep to disable service workers and attach Bearer tokens on cross-origin API requests. Enable Android third-party cookies in MainActivity and eval the same script from Rust on page load.
walk() only matches files, so ensureNetworkSecurityXml never found
app/src/main/res and skipped creating the XML. AndroidManifest still
referenced @xml/network_security_config, causing AAPT link failures.
Co-authored-by: ShuMengya <shumengya666@outlook.com>
Enable cleartext HTTP in release APK, add network security config, and set connect-src CSP. Add CORS on Worker API for cross-origin fetches from packaged apps.
Co-authored-by: Cursor <cursoragent@cursor.com>