How do we turn off loading insecure HTTP requests?

If we analyze the generated ipa file with ProvisionQL we can see that the allow insecure http loads is turned on:
image

How can we disable it?

This plugin may help:

This too:

https://cordova.apache.org/docs/en/latest/guide/appdev/allowlist/index.html

but CSP may also be the way to go here.

Thanks, we fixed it by changing <allow-navigation href="*://*/*"/> to <allow-navigation href="https://*/*"/>.