Monaca HTML5 Resource Encryption
Last updated
Was this helpful?
Last updated
Was this helpful?
This plugin provides the encryption function for HTML5 assets bundled up with the built app in Monaca and the decoding function for application execution time.
Cordova 7.1 or higher
iOS 9 or later
For WKWebView version (5.0.5 or later): iOS 11 or later
CustomScheme supporting version(6.1.0 or later): iOS 11 or later
Android 4.1 or later
Encryption Method: AES
Key Length: 256 bits
From Monaca Cloud IDE menu, go to Configure → Cordova Plugin Settings .
Under Available Plugins section, hover over the Encrypt plugin and click Enable button.
3. Find the newly added plugin under the Enabled Plugins section. Then, hover the plugin and click Configure button.
4. Enter parameter(s) for this plugin. Then, click button. Available parameters are as follows:
Parameter
Type
Description
SECRET
String
[Required] Password/secret for the encryption.
TARGETS
String
[Optional] Target folder of the project files to be encrypted.
www folder (default) 。
To set multiple folders, separate them with , (comma).
Example: TARGETS=www/data,www/js
To exclude folders from encryption, add a ! (exclamation point). (5.1.0 or later)
Example: TARGETS=www/data,!www/js
AUTO_DECRYPT
Boolean
[Optional] Auto decryption options:
1: (default) for enabling auto decryption
0: for disabling auto decryption
You can also manually decrypt the configured target folder. The target folder is encrypted and can't be read until the monaca.Encrypt.setDecryptHash() function is executed. In other words, it can not be read with the script tag in index.html file.
Please follow the steps below on how to use manual decryption:
In order to enable manual decryption, please set AUTO_DECRYPT to 0 in the plugin configuration (Step 4 in the previous section).
A hash code is required when calling monaca.Encrypt.setDecryptHash() function to decrypt the target folder(s). The hash code can be found in the build log as follows:
Build your project (either iOS or Android).
Once the build is successfully completed, click on here (as shown in the screenshot below) button to see the build log.
3. Copy the build log and paste it in any text editor and find the hash code which looks like this:
Once you have the hash code, you can start using the decryption function. The function needs to be called inside the deviceready event. For example:
In iOS, we can set the scheme and hostname for this plugin. (Same as In-App Updater plugin)
The default scheme and hostname of Cordova 10 are as follows.
Please remove this default setting. If you specify this, you will get a build error.
You can then set the scheme and hostname in config.xml as follows.
Also, if you omit monaca:scheme and moanca:hostname, they become monaca-plugin and monaca.plugin respectively.
In this plugin, we use the encryption library of iOS SDK. Therefore, in order to release the built app embedded this plugin to the AppStore, you need to set 2 options when you submit your app for a review. Under the Export Compliance section, please choose "Yes" for both questions as shown in the screenshot below:
See Also:
7.1.0
Support cordova-ios 7.1.0
6.2.3
Automatic lowercase recognition of uppercase schemes and host names
6.2.2
Fixed a bug when retrieving json files from external sites
6.2.0
Support cordova-android 10 series or later (cordova-android 9 series is no longer supported)
6.1.0
Support CustomScheme
6.0.0
Support Cordova10 (Cordova9 series is no longer supported)
The privacy manifest required by this plugin is as follows. (cordova-ios 7.1.0 or greater)
In this example, the scheme is "monacax-app" and the hostname is "monacax.io". The characters that can be used in the scheme are as shown in
For more information on how to write a manifesto, see .
