You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cordova.apache.org by "Jan Piotrowski (Sujan) (JIRA)" <ji...@apache.org> on 2017/12/08 18:41:00 UTC
[jira] [Commented] (CB-13648) Cordova Android Security Concern?
What is the correct workflow for apps with this issue? (see description)
[ https://issues.apache.org/jira/browse/CB-13648?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16284006#comment-16284006 ]
Jan Piotrowski (Sujan) commented on CB-13648:
---------------------------------------------
This "problem" is system level and system wide, so yes, of course it also affects Cordova apps running on Android devices that are vulnerable.
All that code there to check if the device is vulnerable and trigger an update would have to be called via a Cordova plugin. I don't know if this exists already.
> Cordova Android Security Concern? What is the correct workflow for apps with this issue? (see description)
> ----------------------------------------------------------------------------------------------------------
>
> Key: CB-13648
> URL: https://issues.apache.org/jira/browse/CB-13648
> Project: Apache Cordova
> Issue Type: Bug
> Components: cordova-android
> Reporter: Abhishek Joshi
> Assignee: Joe Bowser
>
> https://developer.android.com/training/articles/security-gms-provider.html
> 1) Is this bug discussed above a concern with Cordova apps out of the Box (near helloworld level of apps), since Cordova runs off Webviews?
> 2) If this bug is a concern, what should the correct workaround be? Do I need to create my own plugin to manage this? Is there a solution?
> 3) Any comments?
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org