I want to know whether when I upload my phonegap application on play store then anyone can view source code after they install my application or not.
If the source code is viewable, what steps can I take to protect it?
Basically a PhoneGap application is html/css and javascript codes wrapped in a native Android WebView. So in order to protect your source code from others, you can encode it using techniques like uglify. To a normal user, this would be enough. It is similar to what Proguard does for native Android apk. However if you want total secrecy of some part of your code logic, keep it at the server end itself. Any client facing application is readable (eg- Webpages, executable files etc).
As you may know, an apk file is actually just a zip archive, so you can try to rename (or simply force your decompressing tool to open the apk file) the file to appname.apk.zip and extract it with any zip utility.
You can however encryption your source code checkout here https://ourcodeworld.com/articles/read/386/how-to-encrypt-protect-the-source-code-of-an-android-cordova-app
Related
I need to encrypt the zip file (generated from 5-6 files of size 50 MB) which are created by the android native service written in C++.
After doing google learned that there are some open source libs which can help to do the encryption. But I would like to know if there is any inbuilt support to achieve the encryption.
Code flow : Read log files create a custom logs and write to the desired location, zip and encrypt the files
Note : even if i can compress the file with password protection is enough for me.
Sorry, there is no standard Java mechanism to password protect a zip file. You will have to use a third party library.
I am wondering if is possible accessing the internal files of an app after build with cordova plugin.
My project is based on Android and here are my files:
index.html
html:
- remove.html
js
css
So, after build the app, I want to access with some option within the app the remove.html and remove it.
I find that the FILE plugin of cordova is useful for files inside the device but not the app.
Please anyone has any idea?
we do not have modification access to the location where apk's internal files are saved. Since your remove.html is part of your app apk, we cannot just remove it.
You can take the same approach taken by sqlite raw database file. When your app is started or run for the very first time, copy your file (remove.html) to data folder where you can modify/delete it. Make sure your app only uses this new path everywhere.
Take a look at copyDatabaseFromAssets function in this code for a sample on how do this. Since you will have modification access, you can delete or modify this file as needed.
I am developing cross platform application using sencha framework. I find the strange thing i.e it is easy to decompile the apk file and get the asset (resource folder) from android. I want to hide all my project files exist inside the asset folder. Is it possible to hide the javascript and html content after decompiling using this decompiler
This is not far to see the entire source, there is anyother way to conceal this
As I understand things, you need to somehow encrypt your app - because, as you point out, decompiling the source isn't all that difficult.
I don't know the specifics behind the process, but you might check out Sencha Space which provides a secure wrapper for your apps.
My requirement is to develop an Play store like application. Where, developers will be uploading their Android .apk file.
Checking on the mobile application side can be done only with applications package path. Which requires the package path to be taken manually or by reading the .apk file of the application using library.
a) Making developer to enter application package path is not best of practice,
b) I searched online and found not any way to read the .apk file.
I am not sure if my approach is correct, please correct me if I missed something.
There is an api/toolkit android-apktool.
for reading the .apk and xml meta-data
That should help
Hi People I have an apk file that is made using phonegap and I need to test it using selenium so that I can get the id's of the components in the application and feed them into the scripts, can you tell that is there any way to open the apk file in the browser so that the process becomes easier or is there any app that can do that? any suggestions will be appreciated.
APK is just a ZIP-file, so you can rename it into .zip and open in a browser.
Though, you cannot add files into APK this way easily, because the content of APK is signed and aligned.
Yes it is possible first unzip your apk and remove "onDeviceReady"(Related to phone gap events) event and then try in browser