Uploaded image for project: 'Titanium SDK/CLI'
  1. Titanium SDK/CLI
  2. TIMOB-7553

Android: Source code protection needs to be implemented for Android on V8



      Source code is shipped as obfuscated source in Titanium applications for Android. This results in application logic that is significantly easier to reverse engineer. Suggest that similar measures be taken at build time as iOS, where JavaScript code is inlined in a C file and compiled into the application.

      Test cases

      Create or import a project to use during these tests.

      Running application (without protection enabled)

      1. Install application to a device.
      2. Launch application and verify it works (no file not found errors).
      3. Run `unzip -l build/android/app.apk`
      4. Verify in assets/Resources you can see your JavaScript files.

      Running application (with protection enabled)

      1. In tiapp.xml add a property with name "ti.android.compilejs" set to true.
      2. Install application to device.
      3. Launch application and verify it works.
      4. Run `unzip -l build/android/app.apk`
      5. Verify in assets/Resources there is no JavaScript files.

      Deploy application (protection enabled by default)

      1. Create a deploy APK from Studio.
      2. Run `unzip -l app.apk`
      3. Verify no JavaScript files exist under assets/Resources
      4. Install APK to device and verify application works.


          Issue Links



              • Assignee:
                joshroesslein Josh Roesslein
                kwhinnery Kevin Whinnery
              • Watchers:
                7 Start watching this issue


                • Created:

                  Backbone Issue Sync

                  • Backbone Issue Sync is enabled for your project, but we do not have any synchronization info for this issue.

                    Git Source Code