You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cordova.apache.org by "Joe Bowser (JIRA)" <ji...@apache.org> on 2016/02/09 22:00:19 UTC

[jira] [Commented] (CB-10111) checkmarx tool issue on Android

    [ https://issues.apache.org/jira/browse/CB-10111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15139746#comment-15139746 ] 

Joe Bowser commented on CB-10111:
---------------------------------

This is where the nativeApiProvider retrieves Javascript messages from native by overriding the online event.  I'm not sure why it's giving you the Client Privacy Violation code, but this is required for this bridge mode to work, and is a core part of Android.  I suspect this is a false positive from checkmarx.

> checkmarx tool issue on Android
> -------------------------------
>
>                 Key: CB-10111
>                 URL: https://issues.apache.org/jira/browse/CB-10111
>             Project: Apache Cordova
>          Issue Type: Bug
>          Components: Android
>            Reporter: Samaresh Sahoo
>            Priority: Minor
>              Labels: Andriod
>
> Hi Support Team,
> We are running our source code on checkmarx tool, where we are getting a "Client Privacy Violation" issue in cordova.js file.
> Below is the code snippet: 
> File Name /UIKodiak_PoC_Client_UI_07_10_00_06T/www/cordova.js
> Method function pollOnce(opt_fromOnlineEvent) {
> ....
> 665. var msgs =
> nativeApiProvider.get().retrieveJsMessages(bridgeSecret,
> !!opt_fromOnlineEvent);
> Can you please let us know about this issue and does it cause any violation ?
> Thanks
> Samaresh



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org