SlideShare a Scribd company logo

Common PhoneGap Gotchas (#PGDay EU 2016)

Kerri Shotts
Kerri Shotts

Slides from my presentation at PhoneGap Day EU in Amsterdam (May 19, 2016). If you have any questions or comments, I'd be happy to hear from you!

Presentations & Public Speaking
1 of 47
Download to read offline
COMMON PHONEGAP GOTCHAS PHONEGAP DAY EU 2016 YankoPayanko (pixabay)
HELLO! MY NAME IS KERRI Photo by Bill Bertram
PURPOSE • IDENTIFY PAIN POINTS • LEARN THE "EASY" WAY • HAPPIER USERS • KEEP BRAIN CELLS
COMMON PAIN POINTS* • PLUGIN ISSUES • XHR / AJAX FAILURES / CSP / CORS • CLI INSTALLATION • ICONS / LAUNCH SCREENS • TREATING PHONEGAP AS A BROWSER / SERVER • MISUNDERSTANDING PHONEGAP TOOLS • DATA STORAGE • RESPONSIVE DESIGN • SLOW • DIDN'T EXPECT PLATFORM QUIRKS *NOT SCIENTIFICALLY DETERMINED
CLI INSTALLATION • WINDOWS SEEMS TO BE PROBLEMATIC FOR USERS • NETWORK RESTRICTIONS / PROXIES GET IN THE WAY • OFTEN HAVE DIFFICULTY CONFIGURING ENVIRONMENT VARIABLES CORRECTLY • SOMETIMES SECURITY PROGRAMS CAUSE INSTALL PROBLEMS • NPM WARNINGS LOOK SCARY • SOME GRUMBLING ABOUT NUMBER OF PREREQUISITES
NOT A BROWSER • DON'T WRAP A WEBSITE • KEEP CODE LOCAL
Browser Web View HTML CSS JS PhoneGap Web View HTML CSS JS
Browser PhoneGap Web View HTML CSS JS Native Code Core Plugins Bridge Device Contacts Storage Sharing IAP SDKs ••• Interfaces with Browser Chrome User Interface Visible Security; Download UI Web View HTML CSS JS Device GPS Accelerometer Limited Storage ••• Device Interfaces With Bookmarks Non- sandboxed Storage ••• Interfaces With Browser PhoneGap Web View HTML CSS JS Native Code Core Plugins Bridge Device Contacts Storage Sharing IAP SDKs ••• Interfaces with Browser Chrome User Interface Visible Security; Download UI Web View HTML CSS JS Device GPS Accelerometer Limited Storage ••• Device Interfaces With Bookmarks Non- sandboxed Storage ••• Interfaces With
SINGLE PAGE APP (SPA) • DYNAMIC DOM • EASIER ANIMATION • EASIER APP STATE • FASTER
NOT A SERVER
Server PHP function consol } Node function consol } .NET function consol } etc. function consol } MySQL SQL Server SQLite etc. PhoneGap JS function consol } CSS nav { dispp z-ind } HTML <nav id= <a hr </nav> SQLite Indexed DB
Web ServerDatabase Server PHP function consol } Node function consol } .NET function consol } etc. function consol } MySQL SQL Server SQLite etc. Mobile Device PhoneGap App Firewall XMLHttpRequest
CLI, DESKTOP, DEVELOPER, BUILD, OH MY! • ONE OF THE FIRST QUESTIONS I ASK: WHICH TOOL ARE YOU USING? • DEVELOPER DOESN'T SUPPORT EVERY PLUGIN • BUILD HAS DIFFERENT STRUCTURE THAN CLI • DESKTOP'S TEMPLATES NEED UPDATED
CLI Desktop App Developer App Build What Command line interface for creating, building, managing, and running PhoneGap apps Graphical user interface for creating, managing, and quickly testing PhoneGap apps Mobile app that connects to the Desktop app or `phonegap serve` for rapid iteration purposes Cloud service that builds apps for you without needing a local development environment Benefits Complete control Quickly create, manage, and serve apps Rapid iteration with quick reload Don't need a local dev environment Upload from CLI, .zip, GitHub Easy distribution Disadvantages Need to install prereqs & SDKS More maintenance Template is out-of-date Have to use CLI to add platforms/plugins Connection difficulties Only core + select plugins lots of edge cases not present in built apps Connection difficulties Different project structure PGB vs NPM plugin repo
PUT A PIN IN IT
Platform $ cordova platform add ios@4.1.0 --save (config.xml)
 <engine name="ios" spec="4.1.0" /> Plugins $ cordova plugin add cordova-plugin-device@1.1.1 
 --save (config.xml) <plugin name = "cordova-plugin-device"
 spec = "1.1.1" /> PhoneGap Build CLI Version <preference name = "phonegap-version" 
 value = "cli-6.0.0"/>
PLUGIN ISSUES • NOT INSTALLED OR INSTALLED INCORRECTLY • NOT WAITING FOR DEVICEREADY • PASSING INCORRECT/ MALFORMED PARAMETERS • PAY ATTENTION TO ERROR CALLBACK! • DOCUMENTATION IS OFTEN AN ISSUE • CAN LEAD TO FEELINGS OF POOR QUALITY
DATA STORAGE • LOCALSTORAGE IS TEMPTING, BUT A POOR CHOICE • SYNC IS A BIG QUESTION (COUCHDB & POUCHDB) • USE THE BEST STORAGE OPTION FOR THE DATA
localStorage WHAT IS IT GOOD FOR?NOT MUCH
localStorage File API Web SQL IndexedDB SQLite (1, 2, 3) App Prefs Keychain Quota ~5mb n/a 5 - 50mb 5 - 50mb n/a platform specific platform specific Async? ✕ ✓ ✕ ~ ~ ✓ ✓ Format Key / String Text / Binary Structured data Store / Key / Object Structured data Key / String Key / String Good for Not much Caching Temporary data Saving and loading documents Storing & querying structured data Storing semi- structured JavaScript objects Large amounts of structured data User Settings Sensitive Information Note Not persistent, No callback Persistent and temporary file systems Deprecated Bugged on iOS (buggyfill) Keep result set small! Not good for lots of data Not good for lots of data
DON'T STORE SENSITIVE INFORMATION
YOUR USER'S DATA AND PRIVACY ARE PRICELESS
ALWAYS USE HTTPS
DON'T TRUST YOUR DATA • VALIDATE EVERYWHERE • DOM INJECTION • SQL INJECTION
// DOM INJECTION: let untrustedData = `<button onclick="doSomethingNefarious();"/>`; el.innerHTML = untrustedData; // SUSCEPTIBLE el.textContent = untrustedData; // SAFE // SQL INJECTION: { let sql = "select * from user where username = " + username; db.transaction(tx => tx.executeSql(sql)); } // SUSCEPTIBLE { let sql = `select * from users where username = ?`; db.transaction(tx => tx.executeSql(sql, [username])); } // SAFE
NETWORK CONNECTIVITY • LOTS OF MISUNDERSTANDING ABOUT WHITELIST AND CONTENT-SECURITY- POLICY
CONFIGURE THE WHITELIST
Network Access <access origin="https://www.example.com" /> <access origin="https://*.example.com" /> <access origin="*" /> <!-- NOT SECURE --> Top-level Navigation (location .href) <allow-navigation href="https://*.example.com/*" /> $ cordova plugin add cordova-plugin-whitelist --save
CSP META TAG • TIGHTEN AS MUCH AS POSSIBLE • DEV WILL BE MORE PERMISSIVE
<!-- Development CSP --> <meta http-equiv="Content-Security-Policy" content="default-src 'self' gap: https://ssl.gstatic.com; connect-src 'self' ws: https://test.example.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' gap:;"/> <!-- Production CSP --> <meta http-equiv="Content-Security-Policy" content="default-src 'self' gap: https://ssl.gstatic.com; connect-src 'self' https://www.example.com; img-src 'self' data:; style-src 'self'; script-src 'self' gap:;"/>
'self' Required to load local resources gap: UIWebView only (iOS) — used by web-native bridge ws: Web socket support (needed for live reload) https://ssl.gstatic.com Android TalkBack (Accessibility) data: Inline images, including SVG use 'unsafe-eval' Try to avoid, but not always possible (live reload / plugins) 'unsafe-inline' Try to avoid, but not always possible (live reload / plugins)
CROSS-ORIGIN RESOURCE SHARING (CORS) • SERVER-SIDE • REQUIRED FOR WKWEBVIEW, PHONEGAP SERVE, AND BROWSER
CONNECTIVITY IS NOT GUARANTEED
if (!navigator.onLine) { throw new OfflineError(); // offline; don't bother } let xhr = new XMLHttpRequest(); xhr.open(method, URI, true); xhr.timeout = 30000; // 30 second timeout xhr.ontimeout = function() { throw new TimeoutError(); // might be offline or unreachable. If online, try // again (throttle); error after too many failures // Watch for long-running queries! } xhr.onerror = function() { throw new XHRError(); // try again; error after too many failures } xhr.onload = function() { if (this.status >= 200 && this.status <= 299) { /* success! */ } else { throw new HTTPError(this.status); } } xhr.send(data);
ICONS & LAUNCH SCREENS • PATHS ARE RELATIVE TO CONFIG.XML • USE MODERN <SPLASH> AND <ICON> TAGS • MAKE SURE THE IMAGE IS SAME SIZE AS SPECIFIED IN CONFIG.XML • KEEP LAUNCH SCREEN SIMPLE
PERCEIVED AS SLOW • 300MS DELAY **SIGH** • JANKY ANIMATIONS • PROFILE!
BAN SLOW INTERACTIONS • FAST CLICK OR GESTURE LIBRARY (1, 2) • AFFORDANCES • DELAY WORK UNTIL AFTER ANIMATIONS
PROFILE • TRACK MEMORY, FRAMES, EXECUTION TIME • CHROME / SAFARI + INSTRUMENTS • SCREEN RECORDING
PERFORMANCE MATTERS Quantifiable Performance
 Bruce Lefebvre 11:20am
DESIGN RESPONSIVELY • HTML IS ALREADY RESPONSIVE • RESPONSIVE UNITS (%, REM, VIEWPORT UNITS:VH,VW,VMAX,VMIN) • MEDIA QUERIES & DEVICE PLUGIN • FLEXBOX LAYOUT
iPhone iPad (landscape)
MOBILE IS QUIRKY • MOBILE WEB IS QUIRKY • ACCEPT DEVICE & PLATFORM- SPECIFIC WORKAROUNDS • DEVICE PLUGIN • CROSSWALK • WKWEBVIEW
My finger is actually here Touch is registered here iOS UIWebView Scroll Offset Bug
# iOS 9 (UIWebView on iOS 8) $ cordova plugin add cordova-plugin-wkwebview-engine --save # iOS 8 & 9 $ cordova plugin add https://github.com/apache/cordova- plugins.git#master:wkwebview-engine-localhost —save # Then, edit config.xml <platform name="ios"> <content src="http://localhost:49000"/> </platform> # Android $ cordova plugin add cordova-plugin-crosswalk-webview --save
MANAGE THE KEYBOARD Handling the keyboard in hybrid applications
 Tim Lancina 10:15am
THANK YOU! @photokandy www.photokandy.com

Recommended

Sneaking Past Device Guard - HITB19AMS
Sneaking Past Device Guard - HITB19AMSSneaking Past Device Guard - HITB19AMS
Sneaking Past Device Guard - HITB19AMSPhilip Tsukerman
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installationRonan Dunne, CEH, SSCP
 
Automated browser testing
Automated browser testingAutomated browser testing
Automated browser testingDavid Darke
 
SocketStream
SocketStreamSocketStream
SocketStreamPaul Jensen
 
Electron. Build cross platform desktop apps with web technologies!
Electron. Build cross platform desktop apps with web technologies!Electron. Build cross platform desktop apps with web technologies!
Electron. Build cross platform desktop apps with web technologies!*instinctools
 
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012Scott Sutherland
 
The moment my site got hacked
The moment my site got hackedThe moment my site got hacked
The moment my site got hackedMarko Heijnen
 
Secure Your Wordpress
Secure Your WordpressSecure Your Wordpress
Secure Your Wordpressn|u - The Open Security Community
 

Recommended

Sneaking Past Device Guard - HITB19AMS
Sneaking Past Device Guard - HITB19AMSSneaking Past Device Guard - HITB19AMS
Sneaking Past Device Guard - HITB19AMSPhilip Tsukerman
 
B wapp – bee bug – installation
B wapp – bee bug – installationB wapp – bee bug – installation
B wapp – bee bug – installationRonan Dunne, CEH, SSCP
 
Automated browser testing
Automated browser testingAutomated browser testing
Automated browser testingDavid Darke
 
SocketStream
SocketStreamSocketStream
SocketStreamPaul Jensen
 
Electron. Build cross platform desktop apps with web technologies!
Electron. Build cross platform desktop apps with web technologies!Electron. Build cross platform desktop apps with web technologies!
Electron. Build cross platform desktop apps with web technologies!*instinctools
 
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012
SQL Server Exploitation, Escalation, Pilfering - AppSec USA 2012Scott Sutherland
 
The moment my site got hacked
The moment my site got hackedThe moment my site got hacked
The moment my site got hackedMarko Heijnen
 
Secure Your Wordpress
Secure Your WordpressSecure Your Wordpress
Secure Your Wordpressn|u - The Open Security Community
 
Nodejs web,db,hosting
Nodejs web,db,hostingNodejs web,db,hosting
Nodejs web,db,hostingKenu, GwangNam Heo
 
Hack your db before the hackers do
Hack your db before the hackers doHack your db before the hackers do
Hack your db before the hackers dofangjiafu
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)Aman Kohli
 
Splunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shellsSplunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shellsAnthony D Hendricks
 
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON
 
JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)Hendrik Ebbers
 
Drupal Security Seminar
Drupal Security SeminarDrupal Security Seminar
Drupal Security SeminarCalibrate
 
Enterprise Node - Securing Your Environment
Enterprise Node - Securing Your EnvironmentEnterprise Node - Securing Your Environment
Enterprise Node - Securing Your EnvironmentKurtis Kemple
 
AppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App PerformanceAppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App Performancerobgalvinjr
 
Rails Security
Rails SecurityRails Security
Rails SecurityWen-Tien Chang
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applicationsDevnology
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9sumsid1234
 
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...Aman Kohli
 
Hack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security TrainingHack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security TrainingColdFusionConference
 
Being HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on PurposeBeing HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on PurposeAman Kohli
 
Pentesting RESTful webservices
Pentesting RESTful webservicesPentesting RESTful webservices
Pentesting RESTful webservicesMohammed A. Imran
 
HTML5 on Mobile
HTML5 on MobileHTML5 on Mobile
HTML5 on MobileAdam Lu
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
 
CS166 Final project
CS166 Final projectCS166 Final project
CS166 Final projectKaya Ota
 
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowakiGoogle Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowakijavier ramirez
 
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 

More Related Content

Similar to Common PhoneGap Gotchas (#PGDay EU 2016)

Hack your db before the hackers do
Hack your db before the hackers doHack your db before the hackers do
Hack your db before the hackers dofangjiafu
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)Aman Kohli
 
Splunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shellsSplunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shellsAnthony D Hendricks
 
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON
 
JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)Hendrik Ebbers
 
Drupal Security Seminar
Drupal Security SeminarDrupal Security Seminar
Drupal Security SeminarCalibrate
 
Enterprise Node - Securing Your Environment
Enterprise Node - Securing Your EnvironmentEnterprise Node - Securing Your Environment
Enterprise Node - Securing Your EnvironmentKurtis Kemple
 
AppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App PerformanceAppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App Performancerobgalvinjr
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applicationsDevnology
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9sumsid1234
 
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...Aman Kohli
 
Hack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security TrainingHack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security TrainingColdFusionConference
 
Being HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on PurposeBeing HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on PurposeAman Kohli
 
Pentesting RESTful webservices
Pentesting RESTful webservicesPentesting RESTful webservices
Pentesting RESTful webservicesMohammed A. Imran
 
HTML5 on Mobile
HTML5 on MobileHTML5 on Mobile
HTML5 on MobileAdam Lu
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...Hackito Ergo Sum
 
CS166 Final project
CS166 Final projectCS166 Final project
CS166 Final projectKaya Ota
 
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowakiGoogle Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowakijavier ramirez
 

Similar to Common PhoneGap Gotchas (#PGDay EU 2016) (20)

Nodejs web,db,hosting
Nodejs web,db,hostingNodejs web,db,hosting
Nodejs web,db,hosting
 
Hack your db before the hackers do
Hack your db before the hackers doHack your db before the hackers do
Hack your db before the hackers do
 
The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)The Real World - Plugging the Enterprise Into It (nodejs)
The Real World - Plugging the Enterprise Into It (nodejs)
 
Splunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shellsSplunk: Forward me the REST of those shells
Splunk: Forward me the REST of those shells
 
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
44CON 2014 - I Hunt TR-069 Admins: Pwning ISPs Like a Boss, Shahar Tal
 
JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)JavaFX Enterprise (JavaOne 2014)
JavaFX Enterprise (JavaOne 2014)
 
Drupal Security Seminar
Drupal Security SeminarDrupal Security Seminar
Drupal Security Seminar
 
Enterprise Node - Securing Your Environment
Enterprise Node - Securing Your EnvironmentEnterprise Node - Securing Your Environment
Enterprise Node - Securing Your Environment
 
AppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App PerformanceAppForum 2014 Boost Hybrid App Performance
AppForum 2014 Boost Hybrid App Performance
 
Rails Security
Rails SecurityRails Security
Rails Security
 
The top 10 security issues in web applications
The top 10 security issues in web applicationsThe top 10 security issues in web applications
The top 10 security issues in web applications
 
Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9Hacking Oracle From Web Apps 1 9
Hacking Oracle From Web Apps 1 9
 
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
DSLing your System For Scalability Testing Using Gatling - Dublin Scala User ...
 
Hack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security TrainingHack & Fix, Hands on ColdFusion Security Training
Hack & Fix, Hands on ColdFusion Security Training
 
Being HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on PurposeBeing HAPI! Reverse Proxying on Purpose
Being HAPI! Reverse Proxying on Purpose
 
Pentesting RESTful webservices
Pentesting RESTful webservicesPentesting RESTful webservices
Pentesting RESTful webservices
 
HTML5 on Mobile
HTML5 on MobileHTML5 on Mobile
HTML5 on Mobile
 
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
[HES2013] Virtually secure, analysis to remote root 0day on an industry leadi...
 
CS166 Final project
CS166 Final projectCS166 Final project
CS166 Final project
 
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowakiGoogle Cloud Platform for DeVops, by Javier Ramirez @ teowaki
Google Cloud Platform for DeVops, by Javier Ramirez @ teowaki
 

Recently uploaded

CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...henrik385807
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Hasting Chen
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024eCommerce Institute
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceDelhi Call girls
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyPooja Nehwal
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubssamaasim06
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfhenrik385807
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024eCommerce Institute
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxmohammadalnahdi22
 
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxraffaeleoman
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Delhi Call girls
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxNikitaBankoti2
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesPooja Nehwal
 
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, YardstickSaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, Yardsticksaastr
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )Pooja Nehwal
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AITatiana Gurgel
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaKayode Fayemi
 
Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMoumonDas2
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Vipesco
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...Sheetaleventcompany
 

Recently uploaded (20)

CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
CTAC 2024 Valencia - Sven Zoelle - Most Crucial Invest to Digitalisation_slid...
 
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
Re-membering the Bard: Revisiting The Compleat Wrks of Wllm Shkspr (Abridged)...
 
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
Andrés Ramírez Gossler, Facundo Schinnea - eCommerce Day Chile 2024
 
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort ServiceBDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
BDSM⚡Call Girls in Sector 93 Noida Escorts >༒8448380779 Escort Service
 
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night EnjoyCall Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
Call Girl Number in Khar Mumbai📲 9892124323 💞 Full Night Enjoy
 
Presentation on Engagement in Book Clubs
Presentation on Engagement in Book ClubsPresentation on Engagement in Book Clubs
Presentation on Engagement in Book Clubs
 
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdfCTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
CTAC 2024 Valencia - Henrik Hanke - Reduce to the max - slideshare.pdf
 
George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024George Lever - eCommerce Day Chile 2024
George Lever - eCommerce Day Chile 2024
 
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptxMohammad_Alnahdi_Oral_Presentation_Assignment.pptx
Mohammad_Alnahdi_Oral_Presentation_Assignment.pptx
 
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptxChiulli_Aurora_Oman_Raffaele_Beowulf.pptx
Chiulli_Aurora_Oman_Raffaele_Beowulf.pptx
 
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
Night 7k Call Girls Noida Sector 128 Call Me: 8448380779
 
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docxANCHORING SCRIPT FOR A CULTURAL EVENT.docx
ANCHORING SCRIPT FOR A CULTURAL EVENT.docx
 
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara ServicesVVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
VVIP Call Girls Nalasopara : 9892124323, Call Girls in Nalasopara Services
 
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, YardstickSaaStr Workshop Wednesday w/ Lucas Price, Yardstick
SaaStr Workshop Wednesday w/ Lucas Price, Yardstick
 
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
WhatsApp 📞 9892124323 ✅Call Girls In Juhu ( Mumbai )
 
Microsoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AIMicrosoft Copilot AI for Everyone - created by AI
Microsoft Copilot AI for Everyone - created by AI
 
If this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New NigeriaIf this Giant Must Walk: A Manifesto for a New Nigeria
If this Giant Must Walk: A Manifesto for a New Nigeria
 
Mathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptxMathematics of Finance Presentation.pptx
Mathematics of Finance Presentation.pptx
 
Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510Thirunelveli call girls Tamil escorts 7877702510
Thirunelveli call girls Tamil escorts 7877702510
 
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
No Advance 8868886958 Chandigarh Call Girls , Indian Call Girls For Full Nigh...
 

Common PhoneGap Gotchas (#PGDay EU 2016)

  • 1. COMMON PHONEGAP GOTCHAS PHONEGAP DAY EU 2016 YankoPayanko (pixabay)
  • 2. HELLO! MY NAME IS KERRI Photo by Bill Bertram
  • 3. PURPOSE • IDENTIFY PAIN POINTS • LEARN THE "EASY" WAY • HAPPIER USERS • KEEP BRAIN CELLS
  • 4. COMMON PAIN POINTS* • PLUGIN ISSUES • XHR / AJAX FAILURES / CSP / CORS • CLI INSTALLATION • ICONS / LAUNCH SCREENS • TREATING PHONEGAP AS A BROWSER / SERVER • MISUNDERSTANDING PHONEGAP TOOLS • DATA STORAGE • RESPONSIVE DESIGN • SLOW • DIDN'T EXPECT PLATFORM QUIRKS *NOT SCIENTIFICALLY DETERMINED
  • 5. CLI INSTALLATION • WINDOWS SEEMS TO BE PROBLEMATIC FOR USERS • NETWORK RESTRICTIONS / PROXIES GET IN THE WAY • OFTEN HAVE DIFFICULTY CONFIGURING ENVIRONMENT VARIABLES CORRECTLY • SOMETIMES SECURITY PROGRAMS CAUSE INSTALL PROBLEMS • NPM WARNINGS LOOK SCARY • SOME GRUMBLING ABOUT NUMBER OF PREREQUISITES
  • 6. NOT A BROWSER • DON'T WRAP A WEBSITE • KEEP CODE LOCAL
  • 8. Browser PhoneGap Web View HTML CSS JS Native Code Core Plugins Bridge Device Contacts Storage Sharing IAP SDKs ••• Interfaces with Browser Chrome User Interface Visible Security; Download UI Web View HTML CSS JS Device GPS Accelerometer Limited Storage ••• Device Interfaces With Bookmarks Non- sandboxed Storage ••• Interfaces With Browser PhoneGap Web View HTML CSS JS Native Code Core Plugins Bridge Device Contacts Storage Sharing IAP SDKs ••• Interfaces with Browser Chrome User Interface Visible Security; Download UI Web View HTML CSS JS Device GPS Accelerometer Limited Storage ••• Device Interfaces With Bookmarks Non- sandboxed Storage ••• Interfaces With
  • 9. SINGLE PAGE APP (SPA) • DYNAMIC DOM • EASIER ANIMATION • EASIER APP STATE • FASTER
  • 13. CLI, DESKTOP, DEVELOPER, BUILD, OH MY! • ONE OF THE FIRST QUESTIONS I ASK: WHICH TOOL ARE YOU USING? • DEVELOPER DOESN'T SUPPORT EVERY PLUGIN • BUILD HAS DIFFERENT STRUCTURE THAN CLI • DESKTOP'S TEMPLATES NEED UPDATED
  • 14. CLI Desktop App Developer App Build What Command line interface for creating, building, managing, and running PhoneGap apps Graphical user interface for creating, managing, and quickly testing PhoneGap apps Mobile app that connects to the Desktop app or `phonegap serve` for rapid iteration purposes Cloud service that builds apps for you without needing a local development environment Benefits Complete control Quickly create, manage, and serve apps Rapid iteration with quick reload Don't need a local dev environment Upload from CLI, .zip, GitHub Easy distribution Disadvantages Need to install prereqs & SDKS More maintenance Template is out-of-date Have to use CLI to add platforms/plugins Connection difficulties Only core + select plugins lots of edge cases not present in built apps Connection difficulties Different project structure PGB vs NPM plugin repo
  • 15. PUT A PIN IN IT
  • 16. Platform $ cordova platform add ios@4.1.0 --save (config.xml)
 <engine name="ios" spec="4.1.0" /> Plugins $ cordova plugin add cordova-plugin-device@1.1.1 
 --save (config.xml) <plugin name = "cordova-plugin-device"
 spec = "1.1.1" /> PhoneGap Build CLI Version <preference name = "phonegap-version" 
 value = "cli-6.0.0"/>
  • 17. PLUGIN ISSUES • NOT INSTALLED OR INSTALLED INCORRECTLY • NOT WAITING FOR DEVICEREADY • PASSING INCORRECT/ MALFORMED PARAMETERS • PAY ATTENTION TO ERROR CALLBACK! • DOCUMENTATION IS OFTEN AN ISSUE • CAN LEAD TO FEELINGS OF POOR QUALITY
  • 18. DATA STORAGE • LOCALSTORAGE IS TEMPTING, BUT A POOR CHOICE • SYNC IS A BIG QUESTION (COUCHDB & POUCHDB) • USE THE BEST STORAGE OPTION FOR THE DATA
  • 19. localStorage WHAT IS IT GOOD FOR?NOT MUCH
  • 20. localStorage File API Web SQL IndexedDB SQLite (1, 2, 3) App Prefs Keychain Quota ~5mb n/a 5 - 50mb 5 - 50mb n/a platform specific platform specific Async? ✕ ✓ ✕ ~ ~ ✓ ✓ Format Key / String Text / Binary Structured data Store / Key / Object Structured data Key / String Key / String Good for Not much Caching Temporary data Saving and loading documents Storing & querying structured data Storing semi- structured JavaScript objects Large amounts of structured data User Settings Sensitive Information Note Not persistent, No callback Persistent and temporary file systems Deprecated Bugged on iOS (buggyfill) Keep result set small! Not good for lots of data Not good for lots of data
  • 22. YOUR USER'S DATA AND PRIVACY ARE PRICELESS
  • 24.
  • 25. DON'T TRUST YOUR DATA • VALIDATE EVERYWHERE • DOM INJECTION • SQL INJECTION
  • 26. // DOM INJECTION: let untrustedData = `<button onclick="doSomethingNefarious();"/>`; el.innerHTML = untrustedData; // SUSCEPTIBLE el.textContent = untrustedData; // SAFE // SQL INJECTION: { let sql = "select * from user where username = " + username; db.transaction(tx => tx.executeSql(sql)); } // SUSCEPTIBLE { let sql = `select * from users where username = ?`; db.transaction(tx => tx.executeSql(sql, [username])); } // SAFE
  • 27. NETWORK CONNECTIVITY • LOTS OF MISUNDERSTANDING ABOUT WHITELIST AND CONTENT-SECURITY- POLICY
  • 29. Network Access <access origin="https://www.example.com" /> <access origin="https://*.example.com" /> <access origin="*" /> <!-- NOT SECURE --> Top-level Navigation (location .href) <allow-navigation href="https://*.example.com/*" /> $ cordova plugin add cordova-plugin-whitelist --save
  • 30. CSP META TAG • TIGHTEN AS MUCH AS POSSIBLE • DEV WILL BE MORE PERMISSIVE
  • 31. <!-- Development CSP --> <meta http-equiv="Content-Security-Policy" content="default-src 'self' gap: https://ssl.gstatic.com; connect-src 'self' ws: https://test.example.com; img-src 'self' data:; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' gap:;"/> <!-- Production CSP --> <meta http-equiv="Content-Security-Policy" content="default-src 'self' gap: https://ssl.gstatic.com; connect-src 'self' https://www.example.com; img-src 'self' data:; style-src 'self'; script-src 'self' gap:;"/>
  • 32. 'self' Required to load local resources gap: UIWebView only (iOS) — used by web-native bridge ws: Web socket support (needed for live reload) https://ssl.gstatic.com Android TalkBack (Accessibility) data: Inline images, including SVG use 'unsafe-eval' Try to avoid, but not always possible (live reload / plugins) 'unsafe-inline' Try to avoid, but not always possible (live reload / plugins)
  • 33. CROSS-ORIGIN RESOURCE SHARING (CORS) • SERVER-SIDE • REQUIRED FOR WKWEBVIEW, PHONEGAP SERVE, AND BROWSER
  • 35. if (!navigator.onLine) { throw new OfflineError(); // offline; don't bother } let xhr = new XMLHttpRequest(); xhr.open(method, URI, true); xhr.timeout = 30000; // 30 second timeout xhr.ontimeout = function() { throw new TimeoutError(); // might be offline or unreachable. If online, try // again (throttle); error after too many failures // Watch for long-running queries! } xhr.onerror = function() { throw new XHRError(); // try again; error after too many failures } xhr.onload = function() { if (this.status >= 200 && this.status <= 299) { /* success! */ } else { throw new HTTPError(this.status); } } xhr.send(data);
  • 36. ICONS & LAUNCH SCREENS • PATHS ARE RELATIVE TO CONFIG.XML • USE MODERN <SPLASH> AND <ICON> TAGS • MAKE SURE THE IMAGE IS SAME SIZE AS SPECIFIED IN CONFIG.XML • KEEP LAUNCH SCREEN SIMPLE
  • 37. PERCEIVED AS SLOW • 300MS DELAY **SIGH** • JANKY ANIMATIONS • PROFILE!
  • 38. BAN SLOW INTERACTIONS • FAST CLICK OR GESTURE LIBRARY (1, 2) • AFFORDANCES • DELAY WORK UNTIL AFTER ANIMATIONS
  • 39. PROFILE • TRACK MEMORY, FRAMES, EXECUTION TIME • CHROME / SAFARI + INSTRUMENTS • SCREEN RECORDING
  • 41. DESIGN RESPONSIVELY • HTML IS ALREADY RESPONSIVE • RESPONSIVE UNITS (%, REM, VIEWPORT UNITS:VH,VW,VMAX,VMIN) • MEDIA QUERIES & DEVICE PLUGIN • FLEXBOX LAYOUT
  • 43. MOBILE IS QUIRKY • MOBILE WEB IS QUIRKY • ACCEPT DEVICE & PLATFORM- SPECIFIC WORKAROUNDS • DEVICE PLUGIN • CROSSWALK • WKWEBVIEW
  • 44. My finger is actually here Touch is registered here iOS UIWebView Scroll Offset Bug
  • 45. # iOS 9 (UIWebView on iOS 8) $ cordova plugin add cordova-plugin-wkwebview-engine --save # iOS 8 & 9 $ cordova plugin add https://github.com/apache/cordova- plugins.git#master:wkwebview-engine-localhost —save # Then, edit config.xml <platform name="ios"> <content src="http://localhost:49000"/> </platform> # Android $ cordova plugin add cordova-plugin-crosswalk-webview --save
  • 46. MANAGE THE KEYBOARD Handling the keyboard in hybrid applications
 Tim Lancina 10:15am