I have received an Email from Google Play Store for my Android App:
This is a notification that your com.mydomain.myapp, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials. You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see http://cordova.apache.org/announcements/2014/08/04/android-351.html. Please note, applications with vulnerabilities that expose users to risk of compromise may be considered “dangerous products” and subject to removal from Google Play. Regards, Google Play Team ©2014 Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043
If I try the command mentioned on the given link/page, i.e.:
cordova platform add [email protected] --usenpm
I get an error:
Platform android already added
How can I upgrade Cordova from 3.1 to 3.5.1? I have tried all sort of things like:
npm update -g cordova
But I do not appear to be getting successful. The version file in MyApp\platforms\android\cordova folder still shows following entry and no file in this folder changes:
// Coho updates this line:
var VERSION = "3.1.0";
console.log(VERSION);
After some research, I think, I have found the solution here:
http://cordova.apache.org/index.html#download
npm install -g cordova
cd my_project
cordova platform update android
Running the last command does the trick and I get this response:
**cordova platform update android**
Deleting E:/PhoneGap/my_project/platforms/android/libs/cordova-3.1.0.jar
Android project is now at version 3.6.3
If you updated from a pre-3.2.0 version and use an IDE, we now require that you
import the "CordovaLib" library project.
Hope that helps.
Regards
If you are using Phonegap, you just need to update Phonegap to version 3.5.0
It's explained here: http://phonegap.com/blog/2014/06/12/phonegap-3_5_release/
And here's the note from Phonegap that says how you're covered: http://phonegap.com/blog/2014/08/07/cordova-android-3_5_0-patched-with-security-fixes/
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With