Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Alfred_M_
Beginner
64 Views

Intel xdk ssl security

I want to use intel xdk's ssl security plugin i have looked at the following  https://software.intel.com/en-us/node/564377 im not sure

How i would translate that to my below code. can anyone help?

 

var TransResponse;

 function Transport(parameters,Page) {

var http = new XMLHttpRequest();

http.open("POST", "http:/000.000.000.000/"+Page, false);

//Send the proper header information along with the request
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http.setRequestHeader("Content-length", parameters.length);

http.onreadystatechange = function() {//Call a function when the state changes.
   if(http.readyState == 4 && http.status == 200) {
      
     TransResponse=http.response;
     }
}
http.send(parameters);
return TransResponse;
 }

 

Tags (2)
0 Kudos
4 Replies
PaulF_IntelCorp
Employee
64 Views

Alfred -- I'll ask one of the App Security API experts to reply.

Ohad_B_Intel
Employee
64 Views

Hi Alfred, 

Here is code that implements the Transport function above using the App Security API plugin:          

function Transport(parameters, page){    			
	
	// create a connection instance 
	intel.security.secureTransport.open(
		function (instanceID){
			alert('open succeeded, instanceID = '+instanceID);
			
			// set headers 
			intel.security.secureTransport.setHeaders(
				function() {
					alert('setHeaders succeeded');
					
					// send the request 
					intel.security.secureTransport.sendRequest(
						function(response){									
							alert('sendRequest succeeded');
							
							// assign response HTTP status
							var responseHttpStatus = response.responseHttpStatus;

							// assign response body
							var responseBody = response.responseBody;

							// assign response header
							var responseHeader = response.responseHeader;
							
							// assign the response body to TransResponse variable
							TransResponse = responseBody;
							alert('responseBody = '+responseBody);
							
							// destroy the trsnport handle
							intel.security.secureTransport.destroy(
								function (){
									alert('all pass');
								},
								failCallback, 
								instanceID);
								
						},
						failCallback,
						{'instanceID':instanceID, 'requestBody': parameters});
						
				},
				failCallback,
				{'instanceID':instanceID, 'headers':{"Content-type":"application/x-www-form-urlencoded"}});
				
				
		}, 
		failCallback, 
		{'url':'http:/000.000.000.000/'+page, 'method':'POST'});
			
}
function failCallback(error) {
	alert("Fail, error code is: " + error.code + ", error message is: " + error.message);
}

 

Please note that it includes many alerts, I hope it will help you with your first debugging.

Please let us know if you need further help.

 

Thanks,

    Ohad 

 

Valery_M_
Beginner
64 Views

Hello @Ohad:

 I managed to work out the https communication but it only runs fine when I use the Intel XDK debug tag... when I generate the APK does not work (error 13, Policy violation detected). I tried to search for some more information about this specific error but did not find it. Do you know why it is reporting such error? Why the intel security plugin works fine in debug mode and fail when the apk is generated?

Thank you.

PaulF_IntelCorp
Employee
64 Views

Valery -- I suspect your whitelist settings are the problem (and CSP tag). In the Debug tab those settings are mostly set to be "wide open" for easier debugging, but in the built app they follow whatever you've set in your app. I recommend you use the "Cordova Android Whitelist" setting and that you DO use CSP. See these links as starting points:

Reply