You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by GitBox <gi...@apache.org> on 2021/10/05 12:08:06 UTC

[GitHub] [cordova-plugin-media] sc0ttdav3y commented on pull request #316: Android 11 compatibility

sc0ttdav3y commented on pull request #316:
URL: https://github.com/apache/cordova-plugin-media/pull/316#issuecomment-934348822


   I read about that, but for my use-case it’s important that I have security enforced on these files. 
   
   From what I read about the external filesystem any app can read these files in Android 11, and that doesn’t seem like a good default choice to me. I expect having file security would be the default expectation of other developers too, plus it’s in line with what you get on other platforms such as iOS so it makes sense to me for a Cordova plug-in to be consistent.
   
   Also, using an external filesystem also seems to be conditional on the presence of a mounted volume which may not always be present. I have two devices here and none have external storage. I’m not an Android expert though so I may be wrong on this.
   
   Perhaps the filesystem could be an option for the plug-in that could be configured through JS? Ultimately, it doesn’t sit right to me to not have the files secured by default.
   
   > On 5 Oct 2021, at 10:03 pm, エリス ***@***.***> wrote:
   > 
   > 
   > Out of curiosity, have you tried using theContext#getExternalFilesDir(String), MediaStore, or Intent#ACTION_OPEN_DOCUMENT?
   > 
   > The three options above were mentioned on the Android Docs as alternatives to getExternalStorageDirectory and offer better performance.
   > 
   > From Android Docs, regarding to Context#getExternalFilesDir(String)
   > 
   > This is like getFilesDir() in that these files will be deleted when the application is uninstalled, however there are some important differences:
   > 
   > Shared storage may not always be available, since removable media can be ejected by the user. Media state can be checked using Environment#getExternalStorageState(File).
   > There is no security enforced with these files. For example, any application holding Manifest.permission.WRITE_EXTERNAL_STORAGE can write to these files.
   > —
   > You are receiving this because you authored the thread.
   > Reply to this email directly, view it on GitHub, or unsubscribe.
   > Triage notifications on the go with GitHub Mobile for iOS or Android. 
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org