Cordova and PhoneGap Encryption

Any developer who uses Cordova is aware of this: The source code of a Cordova/Phonegap App can be read in clear text. Just download the app archive (IPA or APK) and unzip it. Now everyone can read your source code. You can tweak or make it harder to read with uglify or minify but still it’s readable.

So there’s some neeed for companies and developers to encrypt your JavaScript code in an hybrid App, too. tkyaji published a plugin on GitHub, which makes this possible: the Cordova Encrypt – a Plugin Cordova und PhoneGap encryption.

The plugin works for iOS and Android. Just add it to your project with  cordova plugin add cordova-plugin-crypt-file. Now a cordova build encrypts all .html.htm.js.css files. Therefore keys are generated in the native containers so that the files aren’t readable anymore. The decrypions is done automatically on app start.

This entry was posted in IT and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.