[
https://issues.apache.org/jira/browse/CB-10111?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15139746#comment-15139746
]
Joe Bowser commented on CB-10111:
---------------------------------
This is where the nativeApiProvider retrieves Javascript messages from native
by overriding the online event. I'm not sure why it's giving you the Client
Privacy Violation code, but this is required for this bridge mode to work, and
is a core part of Android. I suspect this is a false positive from checkmarx.
> checkmarx tool issue on Android
> -------------------------------
>
> Key: CB-10111
> URL: https://issues.apache.org/jira/browse/CB-10111
> Project: Apache Cordova
> Issue Type: Bug
> Components: Android
> Reporter: Samaresh Sahoo
> Priority: Minor
> Labels: Andriod
>
> Hi Support Team,
> We are running our source code on checkmarx tool, where we are getting a
> "Client Privacy Violation" issue in cordova.js file.
> Below is the code snippet:
> File Name /UIKodiak_PoC_Client_UI_07_10_00_06T/www/cordova.js
> Method function pollOnce(opt_fromOnlineEvent) {
> ....
> 665. var msgs =
> nativeApiProvider.get().retrieveJsMessages(bridgeSecret,
> !!opt_fromOnlineEvent);
> Can you please let us know about this issue and does it cause any violation ?
> Thanks
> Samaresh
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
