cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jan Piotrowski (Sujan) (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CB-13648) Cordova Android Security Concern? What is the correct workflow for apps with this issue? (see description)
Date Fri, 08 Dec 2017 18:41:00 GMT

    [ https://issues.apache.org/jira/browse/CB-13648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16284006#comment-16284006
] 

Jan Piotrowski (Sujan) commented on CB-13648:
---------------------------------------------

This "problem" is system level and system wide, so yes, of course it also affects Cordova
apps running on Android devices that are vulnerable.

All that code there to check if the device is vulnerable and trigger an update would have
to be called via a Cordova plugin. I don't know if this exists already.

> Cordova Android Security Concern? What is the correct workflow for apps with this issue?
(see description)
> ----------------------------------------------------------------------------------------------------------
>
>                 Key: CB-13648
>                 URL: https://issues.apache.org/jira/browse/CB-13648
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: cordova-android
>            Reporter: Abhishek Joshi
>            Assignee: Joe Bowser
>
> https://developer.android.com/training/articles/security-gms-provider.html
> 1) Is this bug discussed above a concern with Cordova apps out of the Box (near helloworld
level of apps), since Cordova runs off Webviews?
> 2) If this bug is a concern, what should the correct workaround be? Do I need to create
my own plugin to manage this? Is there a solution?
> 3) Any comments?



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message