Logo

dev-resources.site

for different kinds of informations.

Ionic + Capacitor Security Tips

Published at
3/2/2024
Categories
security
ionic
tutorial
mobile
Author
acronimax
Main Article
https://dev.to/acronimax/ionic-capacitor-security-tips-31jg
Categories
4 categories in total
security
open
ionic
open
tutorial
open
mobile
open
Author
9 person written this
acronimax
open
Ionic + Capacitor Security Tips

For this tips will be use the Obfuscation and Custom Rules approach to enable minify and compress code.

Content

Obfuscation

To obfuscate, you need to find the build.gradle file and enable the property minifyEnabled to true, like this:

release {
   minifyEnabled true
   ...
}
Enter fullscreen mode Exit fullscreen mode

Obfuscation Rules

After that, add the below lines in proguard-rules.pro file:

##############
# Ionic Config
##############
-keep class org.apache.cordova.** { *; }
-keep class org.apache.cordova.camera.** { *; }
-keep class org.apache.cordova.** { *; }
-keep public class * extends org.apache.cordova.CordovaPlugin
-keep class com.ionic.keyboard.IonicKeyboard.** { *; }
##############
# Ionic Config
##############

#########################################################
# Remember to change the com.abc.xyz to your real App id!
#########################################################
-keep class com.abc.xyz.BuildConfig { *; }
#########################################################
# Remember to change the com.abc.xyz to your real App id!
#########################################################

########
# AdmMob
########
-keep class * extends java.util.ListResourceBundle {
    protected Object[][] getContents();
}
-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
    public static final *** NULL;
}
-keepnames @com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
    @com.google.android.gms.common.annotation.KeepName *;
}
-keepnames class * implements android.os.Parcelable {
    public static final ** CREATOR;
}
-keep public class com.google.cordova.admob.**
########
# AdmMob
########

########################################################
# Not sure if needed, found it in several documentations
########################################################
-keep class * extends java.util.ListResourceBundle {
    protected Object[][] getContents();
}
-keep public class com.google.android.gms.common.internal.safeparcel.SafeParcelable {
    public static final *** NULL;
}
-keepnames @com.google.android.gms.common.annotation.KeepName class *
-keepclassmembernames class * {
    @com.google.android.gms.common.annotation.KeepName *;
}
-keepnames class * implements android.os.Parcelable {
    public static final ** CREATOR;
}
########################################################
# Not sure if needed, found it in several documentations
########################################################

################################################
# Rules for Capacitor v3 plugins and annotations
################################################
-keep @com.getcapacitor.annotation.CapacitorPlugin public class * {
    @com.getcapacitor.annotation.PermissionCallback <methods>;
    @com.getcapacitor.annotation.ActivityCallback <methods>;
    @com.getcapacitor.annotation.Permission <methods>;
    @com.getcapacitor.PluginMethod public <methods>;
}
################################################
# Rules for Capacitor v3 plugins and annotations
################################################

################################################
# Rules for Capacitor v2 plugins and annotations
# These are deprecated. 
# But can still be used with Capacitor for now 
################################################
-keep @com.getcapacitor.NativePlugin public class * {
  @com.getcapacitor.PluginMethod public <methods>;
}
################################################
# Rules for Capacitor v2 plugins and annotations
# These are deprecated.
# But can still be used with Capacitor for now
################################################

###########################
# Rules for Cordova plugins
###########################
-keep public class * extends org.apache.cordova.* {
  public <methods>;
  public <fields>;
}
###########################
# Rules for Cordova plugins
###########################

################################################
# Note! this rules add if you use Huawei Plugins
# HMS Settings
################################################
-ignorewarnings
-keepattributes *Annotation*
-keepattributes Exceptions
-keepattributes InnerClasses
-keepattributes Signature
-keep class com.huawei.hianalytics.**{*;}
-keep class com.huawei.updatesdk.**{*;}
-keep class com.huawei.hms.**{*;}
-repackageclasses
################################################
# Note! this rules add if you use Huawei Plugins
# HMS Settings
################################################
Enter fullscreen mode Exit fullscreen mode
NOTE đź“ť

Remember to check if any other package you use in your project has notes about another rule you must bed. Because use the proguard-rules.pro may break your app if you don't pay attention or omit those rules the author of the package gives you.

Rooted Device Checking

You can achieve these by using the Diagnostic Plugin to check if the device is rooted. Keep in mind that have many other functions if you want to check it.

Detect Jailbreak Phone

Another layer will be to use some library to check if your app is launched on an insecure OS like Jailbreak. I found this library to help prevent the Jailbreak and the documentation for setting it up.

ionic Article's
30 articles in total
Favicon
Parental Control Solutions: iOS VPNs for Family Safety
Favicon
Domina el arte de la personalizaciĂłn en Ionic: Crea paletas de colores Ăşnicas paso a paso
Favicon
Implementacion de videollamadas multiplataforma iOS - Android
Favicon
Ionic: Angular 18, CapacitorJS & SQLite
Favicon
Crafting the Face of the Web: 10 Quotes on Front-End Development
Favicon
Hello ionic
Favicon
How to Easily Notify Users About Task Progress in Angular
Favicon
Quick Guide to Installing Android SDK Platform Tools on macOS and Windows
Favicon
How to edit angular ionic app in locally? the project angular version 13 and ionic version 5?
Favicon
how to: open a component like a sheet modal using ionic 7
Favicon
Why Ionic Outperforms Flutter in 2024: 7 Data-Driven Reasons to Choose Ionic
Favicon
Besoin d'aide pour créer une application d'enquête générique
Favicon
Desktop Application Development: Why It Still Matters in a Digital World?
Favicon
Integrating Capacitor with Next.js: A Step-by-Step Guide
Favicon
Top Ionic Interview Questions and Answers
Favicon
How to Build a Vue App To Show Your GitHub Repositories
Favicon
How To Easily Expand or Collapse All Accordion Items in IonAccordionGroup at Once Without Adding Complexity
Favicon
Ionic loader, without clicking event (loading.dismiss())
Favicon
How I built a rhymes dictionary ?
Favicon
Building Native Applications with Capacitor and ReactJS
Favicon
Setting Up ESLint and Prettier in an Ionic Angular Project
Favicon
Remède V1.1.5
Favicon
Creating a Mobile App with Ionic and Vue.js 🚀📱
Favicon
Running a Phaser Game on Mobile Devices
Favicon
Working with Scenes and Data in Phaser
Favicon
Diving Into Capacitor 6: What’s New, What’s Improved, and How to Upgrade
Favicon
Announcing Ionstarter
Favicon
Ionic v8 - Create Even Better Hybrid Apps
Favicon
Ionic + Capacitor Security Tips
Favicon
Responsive Ionic app development services

Featured ones:

Favicon
Open
abubakersiddique761
Favicon
Open
0x3d_site
Favicon
Open
0x2e_tech
Favicon
Open
0x4c-quest
Favicon
Open
gittech