Niek Heezemans created CB-9014:
----------------------------------
Summary: Man In The Middle Attack - SSL Connection - Jquery - Burp
Suite
Key: CB-9014
URL: https://issues.apache.org/jira/browse/CB-9014
Project: Apache Cordova
Issue Type: Bug
Components: CordovaLib, iOS
Affects Versions: 3.8.0
Environment: iPhone5s - iOS 8.3 / iPad4 iOS8.3
Reporter: Niek Heezemans
Fix For: 3.8.0
I manually added a Proxy (Burp Suite) to my Wifi Connection and let my App
connect to a server with a valid SSL certificate threw a jQuery Ajax call. Burp
generates its own CA certificate (Self Signed) but this is not detected by
Cordova.
I can read all the Requests and Responses to and from my secure server within
Burp.
This happens on both Debug as well as on the Enterprise Signed IPA.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
