Merge pull request #21 from talsec/rename_callbacks

Release 6.0.0

CHANGELOG.md

@@ -1,3 +1,20 @@
+# freeRASP 6.0.0
+
+-   ❗ **BREAKING API CHANGE**: changed the way how threats are received. Now, it is necessary to pass object with reactions to `talsec.start()` method instead of a function.
+-   ⚡ Improved message passing between native iOS/Android and Cordova
+-   ✔️ Restricted message passing to valid callbacks only. If an invalid callback is received, the SDK will kill the app
+-   ⚡ Improved reaction obfuscation
+-   📄 Documentation updates and improvements
+
+### Android
+
+-   ⚡ Fixed ProviderException which could be occassionally triggered
+
+### iOS
+
+-   ❗ Raised supported Xcode version to 14.3.1
+-   ⚡ Improved SDK obfuscation
+
 # freeRASP 5.4.0
 
 -   📄 Documentation updates and improvements

README.md

@@ -80,14 +80,15 @@ Add platforms to your Cordova project:
 
 ### Android
 
-freeRASP for Android requires a **minimum SDK** level of **23** and a **target SDK** level of **31**. Cordova projects, by default, support even lower levels of minimum and target SDKs. This creates an inconsistency we must solve by updating the SDK levels of the application. Additionally, the freeRASP Cordova plugin uses Kotlin; add the following lines into the `config.xml` file in your project root directory to enable Kotlin and set the required SDK versions.
+freeRASP for Android requires a **minSdkVersion** level of **>=23** and a **targetSdkVersion** level of **>=31**. Cordova projects, by default, support even lower levels of minimum and target SDKs. This creates an inconsistency we must solve by updating the SDK levels of the application. Additionally, the freeRASP Cordova plugin uses Kotlin; add the following lines into the `config.xml` file in your project root directory to enable Kotlin and set the required SDK versions.
 
 ```xml
 <preference name="GradlePluginKotlinEnabled" value="true" />
 <preference name="GradlePluginKotlinCodeStyle" value="official" />
 <preference name="GradlePluginKotlinVersion" value="1.7.10" />
 <preference name="android-minSdkVersion" value="23" />
 <preference name="android-targetSdkVersion" value="31" />
+<preference name="android-compileSdkVersion" value="31" />
 ```
 
 Then run following command to apply the preferences:
@@ -165,44 +166,52 @@ The Dev version is used to not complicate the development process of the applica
 Talsec executes periodical checks when the application is running. To be able to receive detected threats, you need to provide listener to the plugin. The threat types are defined in the example bellow:
 
 ```js
-var threatListener = function (threatType) {
-    switch (threatType) {
-        case 'privilegedAccess': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'debug': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'simulator': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'appIntegrity': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'unofficialStore': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'hooks': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'deviceBinding': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'secureHardwareNotAvailable': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'passcode': // Android & iOS
-            // TODO place your reaction here
-            break;
-        case 'deviceID': // iOS only
-            // TODO place your reaction here
-            break;
-        case 'obfuscationIssues': // Android only
-            // TODO place your reaction here
-            break;
-        default:
-            console.log('Unknown threat type detected: ' + threatType);
-    }
+// reactions to detected threats
+const actions = {
+  // Android & iOS
+  privilegedAccess: () => {
+    console.log('privilegedAccess');
+  },
+  // Android & iOS
+  debug: () => {
+    console.log('debug');
+  },
+  // Android & iOS
+  simulator: () => {
+    console.log('simulator');
+  },
+  // Android & iOS
+  appIntegrity: () => {
+    console.log('appIntegrity');
+  },
+  // Android & iOS
+  unofficialStore: () => {
+    console.log('unofficialStore');
+  },
+  // Android & iOS
+  hooks: () => {
+    console.log('hooks');
+  },
+  // Android & iOS
+  deviceBinding: () => {
+    console.log('deviceBinding');
+  },
+  // Android & iOS
+  secureHardwareNotAvailable: () => {
+    console.log('secureHardwareNotAvailable');
+  },
+  // Android & iOS
+  passcode: () => {
+    console.log('passcode');
+  },
+  // iOS only
+  deviceID: () => {
+    console.log('deviceID');
+  },
+  // Android only
+  obfuscationIssues: () => {
+    console.log('obfuscationIssues');
+  },
 };
 ```
 
@@ -216,7 +225,7 @@ The initialization should be done inside the `onDeviceReady` function in the `in
 
 ```js
 talsec
-    .start(config, threatListener)
+    .start(config, actions)
     .then(() => {
         console.log('Talsec initialized.');
     })

hello/config.xml

@@ -12,5 +12,6 @@
     <preference name="GradlePluginKotlinCodeStyle" value="official" />
     <preference name="GradlePluginKotlinVersion" value="1.7.10" />
     <preference name="android-minSdkVersion" value="23" />
-    <preference name="android-targetSdkVersion" value="31" />
+    <preference name="android-targetSdkVersion" value="33" />
+    <preference name="android-compileSdkVersion" value="33" />
 </widget>

hello/package.json

@@ -13,14 +13,14 @@
     "author": "Apache Cordova Team",
     "license": "Apache-2.0",
     "devDependencies": {
-        "cordova-android": "^10.1.2",
-        "cordova-ios": "^6.3.0",
+        "cordova-android": "^12.0.1",
+        "cordova-ios": "^7.0.1",
         "cordova-talsec-plugin-freerasp": "github:talsec/Free-RASP-Cordova"
     },
     "cordova": {
         "platforms": [
-            "android",
-            "ios"
+            "ios",
+            "android"
         ],
         "plugins": {
             "cordova-plugin-add-swift-support": {},

hello/www/js/index.js

@@ -68,59 +68,71 @@ function onDeviceReady () {
         isProd: true
     };
 
-    const threatListener = function (threatType) {
-        switch (threatType) {
-        case 'privilegedAccess': // Android & iOS
+    const actions = {
+    // Android & iOS
+        privilegedAccess: () => {
             console.log('privilegedAccess');
             changeThreatStyle('privilegedAccess');
-            break;
-        case 'debug': // Android & iOS
+        },
+        // Android & iOS
+        debug: () => {
             console.log('debug');
             changeThreatStyle('debug');
-            break;
-        case 'simulator': // Android & iOS
+        },
+        // Android & iOS
+        simulator: () => {
             console.log('simulator');
             changeThreatStyle('simulator');
-            break;
-        case 'appIntegrity': // Android & iOS
+        },
+        // Android & iOS
+        appIntegrity: () => {
             console.log('appIntegrity');
             changeThreatStyle('appIntegrity');
-            break;
-        case 'unofficialStore': // Android & iOS
+        },
+        // Android & iOS
+        unofficialStore: () => {
             console.log('unofficialStore');
             changeThreatStyle('unofficialStore');
-            break;
-        case 'hooks': // Android & iOS
+        },
+        // Android & iOS
+        hooks: () => {
             console.log('hooks');
             changeThreatStyle('hooks');
-            break;
-        case 'deviceBinding': // Android & iOS
+        },
+        // Android & iOS
+        deviceBinding: () => {
             console.log('deviceBinding');
             changeThreatStyle('deviceBinding');
-            break;
-        case 'secureHardwareNotAvailable': // Android & iOS
+        },
+        // Android & iOS
+        secureHardwareNotAvailable: () => {
             console.log('secureHardwareNotAvailable');
             changeThreatStyle('secureHardwareNotAvailable');
-            break;
-        case 'passcode': // Android & iOS
+        },
+        // Android & iOS
+        passcode: () => {
             console.log('passcode');
             changeThreatStyle('passcode');
-            break;
-        case 'deviceID': // iOS only
+        },
+        // iOS only
+        deviceID: () => {
             console.log('deviceID');
             changeThreatStyle('deviceID');
-            break;
-        case 'obfuscationIssues': // Android only
+        },
+        // Android only
+        overlay: () => {
+            console.log('overlay');
+            changeThreatStyle('overlay');
+        },
+        // Android only
+        obfuscationIssues: () => {
             console.log('obfuscationIssues');
             changeThreatStyle('obfuscationIssues');
-            break;
-        default:
-            console.log(`Unknown threat type detected: ${threatType}`);
         }
     };
 
     talsec
-        .start(config, threatListener)
+        .start(config, actions)
         .then(() => {
             console.log('Talsec initialized.');
         })

package.json

@@ -1,6 +1,6 @@
 {
     "name": "cordova-talsec-plugin-freerasp",
-    "version": "5.4.0",
+    "version": "6.0.0",
     "description": "Cordova plugin for improving app security and threat monitoring on Android and iOS mobile devices.",
     "cordova": {
         "id": "cordova-talsec-plugin-freerasp",
@@ -41,9 +41,36 @@
     "homepage": "https://github.com/talsec/Free-RASP-Cordova",
     "devDependencies": {
         "@cordova/eslint-config": "^5.0.0",
+        "@types/cordova": "^11.0.2",
+        "@types/node": "^20.8.10",
+        "@typescript-eslint/parser": "^6.9.1",
         "eslint": "^8.40.0",
         "eslint-plugin-import": "^2.27.5",
         "eslint-config-prettier": "^8.5.0",
-        "eslint-plugin-prettier": "^4.0.0"
-    }
+        "eslint-plugin-prettier": "^4.0.0",
+        "prettier": "^3.0.3",
+        "prettier-eslint": "^16.1.2",
+        "typescript": "^5.2.2"
+    },
+    "eslintConfig": {
+        "root": true,
+        "extends": [
+            "@cordova/eslint-config"
+        ],
+        "rules": {
+            "prettier/prettier": [
+                "off",
+                {
+                    "quoteProps": "consistent",
+                    "singleQuote": true,
+                    "tabWidth": 2,
+                    "trailingComma": "es5",
+                    "useTabs": false
+                }
+            ]
+        }
+    },
+    "eslintIgnore": [
+        "node_modules/"
+    ]
 }

plugin.xml

@@ -2,7 +2,7 @@
 
 <plugin xmlns="http://apache.org/cordova/ns/plugins/1.0"
         id="cordova-talsec-plugin-freerasp"
-        version="5.4.0">
+        version="6.0.0">
 
   <name>freerasp</name>
   <author>Talsec (info@talsec.app)</author>
@@ -34,6 +34,8 @@
     </config-file>
 
     <source-file src="src/android/TalsecPlugin.kt" target-dir="app/src/main/kotlin/com/aheaditec/talsec/cordova/"/>
+    <source-file src="src/android/TalsecThreatHandler.kt" target-dir="app/src/main/kotlin/com/aheaditec/talsec/cordova/"/>
+    <source-file src="src/android/Threat.kt" target-dir="app/src/main/kotlin/com/aheaditec/talsec/cordova/"/>
     <framework src="src/android/talsec.gradle" custom="true" type="gradleReference" />
   </platform>