Home > Uncategorized > Updating to the latest version of Cordova PhoneGap

Updating to the latest version of Cordova PhoneGap

After receiving a message from Google some time ago saying that security vulnerabilities in older versions of Cordova PhoneGap meant that my apps could be de-listed, I decided to go and upgrade my Cordova Setup, just to keep ahead of the curve.

So, step 1 (this is on a Mac, but should be similar on a PC)

sudo npm update -g cordova

cordova platform check

cordova platform update android

cordova platform update ios

Now, I noticed that all my ajax requests were failing with a 404 error, so I learned that you had to add a new plugin

cordova plugin add cordova-plugin-whitelist

Added this into the config.xml (probably overkill)

<allow-navigation href=”*” />
<!– The above is equivalent to these three declarations –>
<allow-navigation href=”http://*/*&#8221; />
<allow-navigation href=”https://*/*&#8221; />
<allow-navigation href=”data:*” />
<access origin=”*”/>
<allow-navigation href=”*”/>
<allow-intent href=”*”/>

and I added this into the HTML:

<meta http-equiv=”Content-Security-Policy” content=”* * ‘self’ default-src ‘unsafe-inline’ ‘unsafe-eval’ http://* https://* data: cdvfile://* content://*;”>

When building the release APK for Android, I noticed that ant.properties no longer had any effect, so you now have to include a build.json file in the project root as follows

“android”: {
“release”: {
“keystore”: “android”,
“storePassword”: “xxxx”,
“alias”: “android”,
“password” : “xxxx”,
“keystoreType”: “”

The keystore file has to be in the project root – this doesn’t allow absolute paths.

Categories: Uncategorized
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: