You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I opened this issue to discuss about the data cached on device when you use android and iOS devices.
When you use this plugin on an android device, it seems no data are cached on the device. But when looking on iOS, it seems that all requests/responses are stored on the hard drive of the device in a cache.db file.
This can be a security risk. On a jailbreak device, other apps can freely access this cache.db file and potentially get sensitive information from him.
After looking at the iOS source code, I found that is due to the session configuration which is created from the defaultSessionConfiguration.
For my own use case, I just added a line after this one to completely disable cache, but I'm pretty sure that can be good to have an option to disable cache for users that want it.
configuration.URLCache = nil;
Sorry for my bad english,
Regards
The text was updated successfully, but these errors were encountered:
Hi @Kohagan91, thank you for finding and reporting this! Yes, I agree that this can be a security risk. Therefore we should disable it and if someone needs the caching option, we can open a new feature request for this purpose. Would you mind creating a PR for this?
Hi !
I opened this issue to discuss about the data cached on device when you use android and iOS devices.
When you use this plugin on an android device, it seems no data are cached on the device. But when looking on iOS, it seems that all requests/responses are stored on the hard drive of the device in a cache.db file.
This can be a security risk. On a jailbreak device, other apps can freely access this cache.db file and potentially get sensitive information from him.
After looking at the iOS source code, I found that is due to the session configuration which is created from the defaultSessionConfiguration.
cordova-plugin-advanced-http/src/ios/SM_AFNetworking/SM_AFURLSessionManager.m
Line 513 in 5b8f20e
For my own use case, I just added a line after this one to completely disable cache, but I'm pretty sure that can be good to have an option to disable cache for users that want it.
configuration.URLCache = nil;
Sorry for my bad english,
Regards
The text was updated successfully, but these errors were encountered: