Category Archives: Phonegap

Phonegap – Google Play Vulnerability Warning

Recently one of my app in Google Play showed a vulnerability warning message. This warning itself said, its a high severity cross-application scripting (XAS) vulnerability. So i had to upgrade my app to Phonegap 3.5.1. Find below the warning i received from Google Play.

This is a notification that your com.mydomain.myapp, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials. You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please seehttp://cordova.apache.org/announcements/2014/08/04/android-351.html. Please note, applications with vulnerabilities that expose users to risk of compromise may be considered “dangerous products” and subject to removal from Google Play. Regards, Google Play Team ©2014 Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043

 

phonegap-warning

 

 

 

 

 

 

 

Here are some notes how i over come this.

To upgrade the Phonegap, update the node package for Phonegap by running this command.

npm  update -g phonegap

This will upgrade your phonegap to the latest version.

After upgrading the Phonegap, i wasnt able to build the app, it showed an error saying…

You need to upgrade your SDK build tools.

Minimum version required was 19.1. Upgraded the Android build tools using Android SDK Manager, to 19+.

Now you have to remove the older build files and add android again. Run below commands.

cordova platform update android
cordova platform remove android
cordova platform add android

Now you have to remove and add your plugins used. For that, run the below commands

cordova plugin remove org.apache.cordova.dialogs
cordova plugin add org.apache.cordova.dialogs
cordova plugin remove org.apache.cordova.console
cordova plugin add org.apache.cordova.console
...
...
so on...

Now you are done. Rebuild the application and align it, sign it and deploy it to Play Store again. =)

Tips to optimize your phonegap application

Performance is the main con of Phonegap applications when compared to native applications. So optimizing the apps you build with Phonegap is quite important. I’ve been working with phonegap application for the past 1.5 years. here I’d like to share some of my observations & tips on this topic.

The 300ms Delay in touch devices.

Most touch-based mobile browsers wait 300ms between your tap on the screen and the browser firing the appropriate handler for that event. It was implemented because you could be double-tapping to zoom the page to full width. Therefore, the browser waits for a third of a second — if you don’t tap again, the “click” is activated.

If you are developing your app in BackboneJS, you can get rid of this delay by just including Backbone Touch library.  All you have to do just include the script below BackboneJs in ur html page.

If you are using AngularJS, angular comes with ngTouch module which disables the 300ms delay.

You can try Fastclick aslo.

By removing the 300ms delay on clicks, you app becomes visibly faster.

Use your own css.

User your own css,. dont go for any css/ui libraries. If you want to make your app responsive, you can try SkeltonCss or The Grid only Bootstrap. That’s you can customize the bootstrap before you download, including only what you need really.

Further tips will be coming soo…