You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cordova.apache.org by pu...@apache.org on 2020/12/02 08:35:46 UTC
[cordova-docs] branch master updated: docs: update allow list
(#1142)
This is an automated email from the ASF dual-hosted git repository.
purplecabbage pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cordova-docs.git
The following commit(s) were added to refs/heads/master by this push:
new dbf27f0 docs: update allow list (#1142)
dbf27f0 is described below
commit dbf27f08f54be71f45dab003a9057dbca8a09dce
Author: エリス <er...@users.noreply.github.com>
AuthorDate: Wed Dec 2 17:32:43 2020 +0900
docs: update allow list (#1142)
* docs: update allow list
* chore: fix en toc src
* chore: correct section block headers
* doc: remove unsupported/obsolete library reference
Co-authored-by: Norman Breau <no...@nbsolutions.ca>
---
www/_data/fetched-files.yml | 7 -
www/_data/redirects.yml | 7 +-
www/_data/toc/en_dev-src.yml | 3 +-
www/docs/en/dev/guide/appdev/allowlist/index.md | 206 ++++++++++++++++++++++++
www/docs/en/dev/guide/appdev/security/index.md | 9 +-
www/docs/en/dev/guide/appdev/whitelist/index.md | 142 ----------------
www/static/plugins/official-plugins.json | 3 +-
7 files changed, 216 insertions(+), 161 deletions(-)
diff --git a/www/_data/fetched-files.yml b/www/_data/fetched-files.yml
index e0df449..f8af3c7 100644
--- a/www/_data/fetched-files.yml
+++ b/www/_data/fetched-files.yml
@@ -108,13 +108,6 @@
path: "reference/cordova-plugin-statusbar/index.md"
-
src:
- repoName: "apache/cordova-plugin-whitelist"
- packageName: "cordova-plugin-whitelist"
- commit: "master"
- dest:
- path: "reference/cordova-plugin-whitelist/index.md"
--
- src:
repoName: "apache/cordova-plugin-screen-orientation"
packageName: "cordova-plugin-screen-orientation"
commit: "master"
diff --git a/www/_data/redirects.yml b/www/_data/redirects.yml
index bfc3adb..1146a34 100644
--- a/www/_data/redirects.yml
+++ b/www/_data/redirects.yml
@@ -87,6 +87,7 @@ docs:
"latest/reference/cordova-plugin-file-transfer/index.html": "deprecated.html"
"latest/reference/cordova-plugin-globalization/index.html": "deprecated.html"
"latest/reference/cordova-plugin-legacy-whitelist/index.html": "deprecated.html"
+ "latest/reference/cordova-plugin-whitelist/index.html": "latest/guide/appdev/allowlist/index.html"
# Old plugin API docs need to be redirected to latest where we pull in the READMEs
"latest/cordova/accelerometer/acceleration/acceleration.html": "latest/reference/cordova-plugin-device-motion/index.html"
@@ -368,7 +369,7 @@ docs:
"latest/cordova-plugin-splashscreen/index.html": "latest/reference/cordova-plugin-splashscreen/index.html"
"latest/cordova-plugin-vibration/index.html": "latest/reference/cordova-plugin-vibration/index.html"
"latest/cordova-plugin-statusbar/index.html": "latest/reference/cordova-plugin-statusbar/index.html"
- "latest/cordova-plugin-whitelist/index.html": "latest/reference/cordova-plugin-whitelist/index.html"
+ "latest/cordova-plugin-whitelist/index.html": "latest/guide/appdev/allowlist/index.html"
"latest/cordova-plugin-legacy-whitelist/index.html": "latest/reference/cordova-plugin-legacy-whitelist/index.html"
# 301 (PERMANENT) redirect paths relative to /docs/XX/YYY/
@@ -394,7 +395,7 @@ docs-global:
"cordova_splashscreen_splashscreen.md.html": "cordova/splashscreen/splashscreen.html"
"cordova_storage_storage.md.html": "cordova/storage/storage.html"
"guide_appdev_privacy_index.md.html": "guide/appdev/privacy/index.html"
- "guide_appdev_whitelist_index.md.html": "guide/appdev/whitelist/index.html"
+ "guide_appdev_whitelist_index.md.html": "guide/appdev/allowlist/index.html"
"guide_cli_index.md.html": "guide/cli/index.html"
"guide_cli_template.md.html": "guide/cli/template.html"
"guide_hybrid_plugins_index.md.html": "guide/hybrid/plugins/index.html"
@@ -499,7 +500,7 @@ docs-global:
"guide_upgrading_ios_index.md.html": "guide/upgrading/ios/index.html"
"guide_upgrading_symbian_index.md.html": "guide/upgrading/symbian/index.html"
"guide_upgrading_windows-phone_index.md.html": "guide/upgrading/windows-phone/index.html"
- "guide_whitelist_index.md.html": "guide/whitelist/index.html"
+ "guide_whitelist_index.md.html": "guide/appdev/allowlist/index.html"
"guide_command-line_index.md.html": "guide/command-line/index.html"
"guide_cordova-webview_android.md.html": "guide/cordova-webview/android.html"
"guide_cordova-webview_index.md.html": "guide/cordova-webview/index.html"
diff --git a/www/_data/toc/en_dev-src.yml b/www/_data/toc/en_dev-src.yml
index 96cc032..cbe0318 100644
--- a/www/_data/toc/en_dev-src.yml
+++ b/www/_data/toc/en_dev-src.yml
@@ -22,7 +22,7 @@
- url: cordova/storage/storage.html
- url: guide/appdev/privacy/index.html
- url: guide/appdev/security/index.html
- - url: guide/appdev/whitelist/index.html
+ - url: guide/appdev/allowlist/index.html
-
name: Create plugins
children:
@@ -64,4 +64,3 @@
- url: reference/cordova-plugin-splashscreen/index.html
- url: reference/cordova-plugin-statusbar/index.html
- url: reference/cordova-plugin-vibration/index.html
- - url: reference/cordova-plugin-whitelist/index.html
diff --git a/www/docs/en/dev/guide/appdev/allowlist/index.md b/www/docs/en/dev/guide/appdev/allowlist/index.md
new file mode 100644
index 0000000..ec3fd12
--- /dev/null
+++ b/www/docs/en/dev/guide/appdev/allowlist/index.md
@@ -0,0 +1,206 @@
+---
+license: >
+ Licensed to the Apache Software Foundation (ASF) under one
+ or more contributor license agreements. See the NOTICE file
+ distributed with this work for additional information
+ regarding copyright ownership. The ASF licenses this file
+ to you under the Apache License, Version 2.0 (the
+ "License"); you may not use this file except in compliance
+ with the License. You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing,
+ software distributed under the License is distributed on an
+ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ KIND, either express or implied. See the License for the
+ specific language governing permissions and limitations
+ under the License.
+
+title: Allow List Guide
+toc_title: Allow List
+description: Securely grant an application access to external resources.
+---
+
+# Allow List Guide
+
+Domain allow listing is a security model that controls access to external domains over which your application has no control. Cordova provides a configurable security policy to define which external sites may be accessed.
+
+By default, new apps are configured to allow access to any site. Before moving your application to production, you should formulate an allow list to provide access to specific network domains and subdomains.
+
+While it is possible to implement your own allow list plugin, it is not recommended unless your app needs a very specific security policy.
+
+## Network Request Allow List
+
+Cordova adheres to the [W3C Widget Access][1] specification, which relies on the `<access>` element within the app's `config.xml` file, which is located in the project's top-level directory.
+
+This controls which network requests (images, XHRs, etc) are allowed to be made to specific domains (via cordova native hooks).
+
+Note: It is suggested to use a [Content Security Policy (CSP)](#Content-Security-Policy-(CSP)) (see below), which is more secure. This network request allow list is mostly historical for webviews which do not support CSP.
+
+In `config.xml`, add `<access>` tags, like this:
+
+```xml
+<!-- Allow images, xhrs, etc. to google.com -->
+<access origin="http://google.com" />
+<access origin="https://google.com" />
+
+<!-- Access to the subdomain maps.google.com -->
+<access origin="http://maps.google.com" />
+
+<!-- Access to all the subdomains on google.com -->
+<access origin="http://*.google.com" />
+
+<!-- Enable requests to content: URLs -->
+<access origin="content:///*" />
+
+<!-- Don't block any requests -->
+<access origin="*" />
+```
+
+Without any `<access>` tags, only requests to `file://` URLs are allowed. However, the default Cordova application includes `<access origin="*">` by default.
+
+Note: Allow List cannot block network redirects from a allow listed remote website (i.e. `http` or `https`) to a non-allowlisted website. Use CSP rules to mitigate redirects to non-allowlisted websites for webviews that support CSP.
+
+Be aware that some websites may automatically redirect from their home page to a different url. Example scenarios could be, but not limited to:
+
+* Redirecting `http` protocol requests to the secure `https` SSL/TSL protocol.
+* Redirecting to country-specific domain. E.g. `https://www.google.com` to redirect to `https://www.google.co.uk` based on device geography.
+
+Such scenarios may require modified or adding to the allow list additional entries beyond your initial requirement. Please consider this when building the app's allow list.
+
+Quirk: Android also allows requests to https://ssl.gstatic.com/accessibility/javascript/android/ by default, since this is required for TalkBack to function properly.
+
+## Navigation Allow List
+
+This controls which URLs the WebView itself can be navigated to. It applies only to top-level navigations.
+
+By default navigations are only allowed to `file://` URLs. To allow others URLs, you must add `<allow-navigation>` tags to your `config.xml`:
+
+```xml
+<!-- Allow links to example.com -->
+<allow-navigation href="http://example.com/*" />
+
+<!-- Wildcards are allowed for the protocol, as a prefix
+ to the host, or as a suffix to the path -->
+<allow-navigation href="*://*.example.com/*" />
+
+<!--
+ A wildcard can be used to allow the entire network, over HTTP and HTTPS.
+ This is *NOT RECOMMENDED*
+-->
+<allow-navigation href="*" />
+
+<!-- The above is equivalent to these three declarations -->
+<allow-navigation href="http://*/*" />
+<allow-navigation href="https://*/*" />
+<allow-navigation href="data:*" />
+```
+
+Quirks: on Android it also applies to iframes for non-http(s) schemes.
+
+## Intent Allow List
+
+This controls which URLs the app is allowed to ask the system to open.
+
+In `config.xml`, add `<allow-intent>` tags, like this:
+
+```xml
+<!-- Allow links to web pages to open in a browser -->
+<allow-intent href="http://*/*" />
+<allow-intent href="https://*/*" />
+
+<!-- Allow links to example.com to open in a browser -->
+<allow-intent href="http://example.com/*" />
+
+<!-- Wildcards are allowed for the protocol, as a prefix
+ to the host, or as a suffix to the path -->
+<allow-intent href="*://*.example.com/*" />
+
+<!-- Allow SMS links to open messaging app -->
+<allow-intent href="sms:*" />
+
+<!-- Allow tel: links to open the dialer -->
+<allow-intent href="tel:*" />
+
+<!-- Allow geo: links to open maps -->
+<allow-intent href="geo:*" />
+
+<!-- Allow all unrecognized URLs to open installed apps
+ *NOT RECOMMENDED* -->
+<allow-intent href="*" />
+```
+
+Without any `<allow-intent>` tags, no requests to external URLs are allowed. However, the default Cordova application includes a quite liberal set of `allow-intent` entries by default. It is advised to narrow this down based on each app's needs.
+
+On Android, this equates to sending an intent of type **BROWSEABLE**.
+
+This allow list applies only to the main Cordova webview, and does not apply to any plugins, for example the InAppBrowser webview, or opening links in the system web browser. It is only aplied to **hyperlinks** and calls to `window.open()`.
+
+Note: `allow-navigation` takes precedence over `allow-intent`. Allowing navigation to all URLs with `<allow-navigation href="*" />` for example has the side effect of "capturing" all intents, so the webview navigates to them instead of triggering e.g. external apps.
+
+## Content Security Policy (CSP)
+
+Controls which network requests (images, XHRs, etc) are allowed to be made (via webview directly).
+
+On Android and iOS, the network request allow list (see above) is not able to filter all types of requests (e.g. `<video>` & WebSockets are not blocked). So, in addition to the allow list, you should use a [Content Security Policy](http://content-security-policy.com/) `<meta>` tag on all of your pages.
+
+Here are some example CSP declarations for your `.html` pages:
+
+```html
+<!-- Good default declaration:
+ * gap: is required only on iOS (when using UIWebView) and is needed for JS->native communication
+ * https://ssl.gstatic.com is required only on Android and is needed for TalkBack to function properly
+ * Disables use of eval() and inline scripts in order to mitigate risk of XSS vulnerabilities. To change this:
+ * Enable inline JS: add 'unsafe-inline' to default-src
+ * Enable eval(): add 'unsafe-eval' to default-src
+-->
+<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com; style-src 'self' 'unsafe-inline'; media-src *">
+
+<!-- Allow everything but only from the same origin and foo.com -->
+<meta http-equiv="Content-Security-Policy" content="default-src 'self' foo.com">
+
+<!-- This policy allows everything (eg CSS, AJAX, object, frame, media, etc) except that
+ * CSS only from the same origin and inline styles,
+ * scripts only from the same origin and inline styles, and eval()
+-->
+<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
+
+<!-- Allows XHRs only over HTTPS on the same domain. -->
+<meta http-equiv="Content-Security-Policy" content="default-src 'self' https:">
+
+<!-- Allow iframe to https://cordova.apache.org/ -->
+<meta http-equiv="Content-Security-Policy" content="default-src 'self'; frame-src 'self' https://cordova.apache.org">
+```
+
+## Other Notes
+
+[Application Transport Security (ATS)](https://developer.apple.com/library/prerelease/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33) is new in iOS 9 (Xcode 7). This new feature acts as an allow list for your app. Cordova CLI will automatically convert the `<access>` and `<allow-navigation>` tags to the appropriate ATS directives.
+
+The `<access>` and `<allow-navigation>` tags support these three attributes below, which have their equivalents in ATS:
+
+1. `minimum-tls-version` (String, defaults to 'TLSv1.2')
+2. `requires-forward-secrecy` (Boolean, defaults to 'true')
+3. `requires-certificate-transparency` (Boolean, defaults to 'false', new in iOS 10)
+
+**Example:**
+
+```xml
+<access origin='https://cordova.apache.org' minimum-tls-version='TLSv1.1' requires-forward-secrecy='false' requires-certificate-transparency='true' />
+```
+
+In iOS 10 and above, the `<access>` tag also supports these three attributes, described below, when paired with the origin wildcard `*`. These attributes also have their equivalents in ATS:
+
+1. `allows-arbitrary-loads-for-media` (Boolean, defaults to 'false', new in iOS 10. New in cordova-ios@4.5.0, fixed to use the proper attribute name). The old attribute `allows-arbitrary-loads-in-media` is now deprecated.
+2. `allows-arbitrary-loads-in-web-content` (Boolean, defaults to 'false', new in iOS 10)
+3. `allows-local-networking` (Boolean, defaults to 'false', new in iOS 10)
+
+**Example:**
+
+```xml
+<access origin='*' allows-arbitrary-loads-for-media='true' allows-arbitrary-loads-in-web-content='true' allows-local-networking='true' />
+```
+
+See the [ATS Technote](https://developer.apple.com/library/prerelease/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33) for more details.
+
+[1]: http://www.w3.org/TR/widgets-access/
diff --git a/www/docs/en/dev/guide/appdev/security/index.md b/www/docs/en/dev/guide/appdev/security/index.md
index dc965b8..eef11e5 100644
--- a/www/docs/en/dev/guide/appdev/security/index.md
+++ b/www/docs/en/dev/guide/appdev/security/index.md
@@ -27,7 +27,8 @@ description: Information and tips for building a secure application.
The following guide includes some security best practices that you should consider when developing a Cordova application. Please be aware that security is a very complicated topic and therefore this guide is not exhaustive. If you believe you can contribute to this guide, please feel free to file an issue in Cordova's bug tracker under ["Documentation"](https://issues.apache.org/jira/browse/CB/component/12316407). This guide is designed to be applicable to general Cordova development (a [...]
## This guide discusses the following topics:
-* Whitelist
+
+* Allow List
* Iframes and the Callback Id Mechanism
* Certificate Pinning
* Self-signed Certificates
@@ -35,11 +36,9 @@ The following guide includes some security best practices that you should consid
* General Tips
* Recommended Articles and Other Resources
-## Whitelist
-
-* Read and understand the [Whitelist Guide](../whitelist/index.html)
+## Allow List
-* Domain whitelisting does not work on Android API 10 and below, and WP8 for iframes and XMLHttpRequest. This means an attacker can load any domain in an iframe and any script on that page within the iframe can directly access Cordova JavaScript objects and the corresponding native Java objects. You should take this into consideration when building applications for these platforms. In practice this means making sure you target an Android API higher than 10, and that if possible you do no [...]
+By default the app's navigation is unrestricted. It's recommended to restrict the navigation only to trusted domains. Learn more by reading the [Allow List Guide](../allowlist/index.html)
## Iframes and the Callback Id Mechanism
diff --git a/www/docs/en/dev/guide/appdev/whitelist/index.md b/www/docs/en/dev/guide/appdev/whitelist/index.md
deleted file mode 100644
index d80e943..0000000
--- a/www/docs/en/dev/guide/appdev/whitelist/index.md
+++ /dev/null
@@ -1,142 +0,0 @@
----
-license: >
- Licensed to the Apache Software Foundation (ASF) under one
- or more contributor license agreements. See the NOTICE file
- distributed with this work for additional information
- regarding copyright ownership. The ASF licenses this file
- to you under the Apache License, Version 2.0 (the
- "License"); you may not use this file except in compliance
- with the License. You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing,
- software distributed under the License is distributed on an
- "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- KIND, either express or implied. See the License for the
- specific language governing permissions and limitations
- under the License.
-
-title: Whitelist Guide
-toc_title: Whitelisting
-description: Securely grant an application access to external resources.
----
-
-# Whitelist Guide
-
-Domain whitelisting is a security model that controls access to
-external domains over which your application has no control. Cordova
-provides a configurable security policy to define which external sites may be
-accessed. By default, new apps are configured to allow access to any site.
-Before moving your application to production, you should formulate a whitelist
-and allow access to specific network domains and subdomains.
-
-For Android (as of its 4.0 release), Cordova's security policy is extensible via a plugin
-interface. Your app should use the [cordova-plugin-whitelist][wlp], as it provides
-better security and configurability than earlier versions of Cordova. While
-it is possible to implement your own whitelist plugin, it is not recommended
-unless your app has very specific security policy needs. See the
-[cordova-plugin-whitelist][wlp] for details on usage and configuration.
-
-For other platforms, Cordova adheres to the [W3C Widget Access][1] specification,
-which relies on the `<access>` element within the app's `config.xml` file to
-enable network access to specific domains. For projects that rely on
-the CLI workflow described in [The Command-Line Interface](../../cli/index.html), this file is
-located in the project's top-level directory. Otherwise for
-platform-specific development paths, locations are listed in the
-sections below.
-
-The following examples demonstrate `<access>` whitelist syntax:
-
-* Access to [google.com][2]:
-
- ```xml
- <access origin="http://google.com" />
- ```
-
-* Access to the secure [google.com][3] (`https://`):
-
- ```xml
- <access origin="https://google.com" />
- ```
-
-* Access to the subdomain [maps.google.com][4]:
-
- ```xml
- <access origin="http://maps.google.com" />
- ```
-
-* Access to all the subdomains on [google.com][2], for example
- [mail.google.com][5] and [docs.google.com][6]:
-
- ```xml
- <access origin="http://*.google.com" />
- ```
-
-* Access to _all_ domains, for example, [google.com][2] and
- [developer.mozilla.org][7]:
-
- ```xml
- <access origin="*" />
- ```
-
- This is the default value for newly created CLI projects.
-
-Be aware that some websites may automatically redirect from their home page to
-a different url, such as using https protocol or to a country-specific
-domain. For example `http://www.google.com` will redirect to use SSL/TLS at
-`https://www.google.com`, and then may further redirect to a geography such as
-`https://www.google.co.uk`. Such scenarios may require modified or additional
-whitelist entries beyond your initial requirement. Please consider this
-as you are building your whitelist.
-
-Note that the whitelist applies only to the main Cordova webview, and does not
-apply to an InAppBrowser webview or opening links in the system web browser.
-
-## Android Whitelisting
-
-As above, see [cordova-plugin-whitelist][wlp] for details. For cordova-android
-prior to 4.0.0, see older versions of this documentation.
-
-## iOS Whitelisting
-
-`Cordova-ios` version 4.0 and greater does **not** require the [cordova-plugin-whitelist][wlp] plugin to be installed, however its configuration details apply to iOS too. The `<allow-intent>` and `<allow-navigation>` tags are _new_ for cordova-ios 4.x and greater, see the [cordova-plugin-whitelist][wlp] documentation for details on the usage of these tags.
-
-For cordova-ios versions prior to 4.0.0, see the older versions of this documentation.
-
-[Application Transport Security (ATS)](https://developer.apple.com/library/prerelease/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33) is new in iOS 9 (Xcode 7). This new feature acts as a whitelist for your app. The cordova cli will automatically convert `<access>` and `<allow-navigation>` tags to the appropriate ATS directives.
-
-The `<access>` and `<allow-navigation>` tags support these three attributes below, which have their equivalents in ATS:
-
-1. minimum-tls-version (String, defaults to 'TLSv1.2')
-2. requires-forward-secrecy (Boolean, defaults to 'true')
-3. requires-certificate-transparency (Boolean, defaults to 'false', new in iOS 10)
-
-* example:
-
- ```xml
- <access origin='https://cordova.apache.org' minimum-tls-version='TLSv1.1' requires-forward-secrecy='false' requires-certificate-transparency='true' />
- ```
-
-In iOS 10 and above, the `<access>` tag supports these three attributes below, when paired with the origin wildcard `*`. These attributes also have their equivalents in ATS:
-
-1. allows-arbitrary-loads-for-media (Boolean, defaults to 'false', new in iOS 10. New in cordova-ios@4.5.0, fixed to use the proper attribute name). The old attribute `allows-arbitrary-loads-in-media` is now deprecated.
-2. allows-arbitrary-loads-in-web-content (Boolean, defaults to 'false', new in iOS 10)
-3. allows-local-networking (Boolean, defaults to 'false', new in iOS 10)
-
-* example:
-
- ```xml
- <access origin='*' allows-arbitrary-loads-for-media='true' allows-arbitrary-loads-in-web-content='true' allows-local-networking='true' />
- ```
-
-See the [ATS Technote](https://developer.apple.com/library/prerelease/ios/documentation/General/Reference/InfoPlistKeyReference/Articles/CocoaKeys.html#//apple_ref/doc/uid/TP40009251-SW33) for more details.
-
-[wlp]: ../../../reference/cordova-plugin-whitelist/
-[1]: http://www.w3.org/TR/widgets-access/
-[2]: http://google.com
-[3]: https://google.com
-[4]: http://maps.google.com
-[5]: http://mail.google.com
-[6]: http://docs.google.com
-[7]: http://developer.mozilla.org
diff --git a/www/static/plugins/official-plugins.json b/www/static/plugins/official-plugins.json
index debe3f1..9e54cbb 100755
--- a/www/static/plugins/official-plugins.json
+++ b/www/static/plugins/official-plugins.json
@@ -13,7 +13,6 @@
"cordova-plugin-screen-orientation",
"cordova-plugin-splashscreen",
"cordova-plugin-statusbar",
- "cordova-plugin-vibration",
- "cordova-plugin-whitelist"
+ "cordova-plugin-vibration"
]
}
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cordova.apache.org
For additional commands, e-mail: commits-help@cordova.apache.org