Titanium JIRA Archive
Titanium SDK/CLI (TIMOB)

[TIMOB-25909] iOS: Getting security alert screen

GitHub Issuen/a
TypeBug
PriorityCritical
StatusClosed
ResolutionNot Our Bug
Resolution Date2018-03-28T19:52:30.000+0000
Affected Version/sn/a
Fix Version/sn/a
Componentsn/a
LabelsAppcelerator, security
ReporterPrafulla Bansode
AssigneeHans Knöchel
Created2018-03-28T07:42:39.000+0000
Updated2018-08-06T17:52:05.000+0000

Description

While launching the application we have seen the security alert (see the attached screenshot). Explanation of this issue on chat from Appcelerator team is: if we added the jail-broke property in tiapp then this app will not work on rooted device and you will see this error. But we are running the app on the same device and this is not observed again an again. Please let us know the other scenario's in which this issue may occur. What steps we need to take to get it resolved?

Attachments

FileDateSize
IMG_0091.PNG2018-03-28T07:30:35.000+0000428000

Comments

  1. Hans Knöchel 2018-03-28

    Hey there! So I assume this is iOS? Please always provide your full environment, so we are actually able to help. Also, please attach a log if available and the tiapp.xml of the application (please remove all sensitive data like the app-id, appc-id and api-keys). The error screen looks like you enabled jailbreak-detection, which will make the app unusable for devices running jailbreaks. Many customers require this property to save their applications from being remote-debugged, which is only possible with jailbroken devices (e.g. Cydia). Looking at the tiapp.xml will help getting this cleared asap! *EDIT*: Also fundamentally important: Is this only with the latest SDK version or does it occur with older ones as well?
  2. Prafulla Bansode 2018-03-28

    I am using sDK 6.3.0 , we observed the above issue on iPhone X (OS . 11.0) and simulators as well, http://ti.appcelerator.org"> com.APPNAME APP NAME 2.2.2 xx http://google.com undefined appicon.png false true false GUID dp UISupportedInterfaceOrientations~iphone UIInterfaceOrientationPortrait UISupportedInterfaceOrientations~ipad UIInterfaceOrientationPortrait UIInterfaceOrientationPortraitUpsideDown UIInterfaceOrientationLandscapeLeft UIInterfaceOrientationLandscapeRight UIRequiresPersistentWiFi UIPrerenderedIcon UIStatusBarHidden UIStatusBarStyle UIStatusBarStyleLightContent NSCameraUsageDescription HelpNow+ requires camera Permissions to show Camera. NSPhotoLibraryAddUsageDescription Photo clicked in HelpNow+ will be stored in Photos. NSPhotoLibraryUsageDescription Required to allow upload photos from Photos. http://schemas.android.com/apk/res/android"> http://api.mixpanel.com/track/?ip=0"/> https://api.mixpanel.com/track/?ip=0"/> https://api.mixpanel.com/engage?ip=0"/> true true default ti.cloud nl.fokkezb.html2as com.appcelerator.apm com.appcelerator.apm ti.imagefactory ti.imagefactory appcelerator.https appcelerator.https com.appcelerator.urlSession de.marcelpociot.imagefromgif com.miga.gifview com.android.mixpanel com.ios.mixpanel true false true false 6.3.0.GA ti.alloy XXX APM ID https://secure-identity.cloud.appcelerator.com https://api.cloud.appcelerator.com XXX XXX xxx appc_app_user_dev xxx https://secure-identity.cloud.appcelerator.com https://api.cloud.appcelerator.com xxx xxx xxx appc_app_user xxx xxx xxx true true remote
  3. Hans Knöchel 2018-03-28

    Well, you use all three security properties: 
       <property name="appc-security-debugger-detect">true</property>
   <property name="appc-security-jailbreak-detect">true</property>
   <property name="appc-sourcecode-encryption-policy">remote</property>
    Disabling them will allow jailbroken phones to run your app again. Read more about the properties in [here](https://docs.appcelerator.com/platform/latest/#!/guide/tiapp.xml_and_timodule.xml_Reference-section-src-29004921_tiapp.xmlandtimodule.xmlReference-appc-security-jailbreak-detect) (all three properties are listed). Resolving ticket as it's not an issue with the SDK but a feature that works as designed. Again, removing them will change the behavior and fix your issues.
  4. Prafulla Bansode 2018-04-04

    In this case, the app should never run on the same device. But we have seen this issue only once and it was working on the same device rest of the times.
  5. Hans Knöchel 2018-04-04

    The functionality was broken a while ago and had been fixed since a few versions. Did you update your SDK between the last time and this time? Then that might be the reason and you should remove the flag if you don‘t want to use this functionality.
  6. Eric Merriman 2018-08-06

    Closing as "not our bug". If you disagree, please reopen.

JSON Source