I have a requirement where my app records the video files and stores them in app's documents directory. I want no other app should access these files other that my app. I have set file sharing enabled to NO. But I see some apps like iExplorer can show the video files saved under my app's documents directory. Can I know how this can be avoided.
I have also heard that by mounting the iOS device disk to any unix/linux machine can list out all the contents of the app sandbox.
So I want to know how to prevent this happening.
I tried with adding NSFileProtectionComplete as a attribute when saving the file. But this didn't solve the problem. Please help me on this.
Thanks,
I realize this is a little old but in the hopes of helping the next person who stumbles upon this:
You're probably looking for an encryption solution, combined with the standard steps for hiding your app documents folder as you've mentioned. Encryption won't necessarily hide the files but it will make them unreadable.
NSFileProtectionComplete only encrypts files when the device is locked. See the App Programming Guide for iOS section Protecting Data Using On-Disk Encryption. Also, keep in mind that when testing this, you'll have to wait 10-20 seconds after the device is locked before trying to verify that the file is inaccessible. If you want the encryption to persist past that point you'll have to handle it yourself. Something along what's described in this SO post perhaps.
Related
I'm trying to create a map viewer for an existing C# WinForms application. I've installed and hooked up the GreatMaps (GMap.net) controls no problem and that's all working fine. The quirk in this is that it needs to work offline (as it's an application that gets used by users who aren't always in locations where there's a mobile signal).
The offline cache mode works fine for GMap but, we've got to build the cache beforehand which we can do but, as we need the whole of the UK, will be a pain (especially as we have to go down to street level).
Does anybody know if there any existing cache files that we can download and use? I've looked at downloading OSM files but haven't got the faintest idea how to use them, convert them (into the gmdb format that GMap seems to use).
Any ideas?
Check out VectorTileRenderer (https://github.com/AliFlux/VectorTileRenderer) which has a demo for Gmap.net. All you need is an MBTiles file which you can download for free at OpenMapTiles.org (https://openmaptiles.com/downloads/europe/british-isles/)
I've read a few threads where this is discussed. Shai's response has always been that files can only be read, but not written into shared locations
Perhaps saving other type of files isn't so simple but shouldn't there be an option for saving pictures in CN1?
I haven't seen the Whatsapp Clone code, but if it truly is a clone shouldn't it have the option to share pictures (and possibly files). Or is it a simple text chat that perhaps shares pictures that can never be saved outside the app?
I also read somewhere (6 months ago) that Shai said that this should be a feature of CameraKit. Does this mean that this feature is in development? If so, that would be great. But having an ETA would also be great to align with our own devs
If it isn't being developed, can I at least know if this is something I can develop natively within CN1?
We expose the full file system so you can write to any place the native App can write to. Native apps don't have write access to the gallery directory and need to explicitly request it to put a file there. This can be accomplished easily in any external cn1lib (e.g. we could do it in camera kit) but haven't done it for camera kit or the whatsapp clone.
AFAIK there's no RFE open on this feature so I can't even tell you if it's assigned to a specific milestone.
Using aws mobilehub for our react application, mainly for authentication. I've seen in multiple places that the file that configures the sdk for the project, the aws-exports.js file, should not be included in source control.
Why should it not be in source control? I get that since we need differing versions it should be dynamically updated.. but is there any security risk for the client to be able to see it?
In inspector, we can see the information of the aws-exports.js file in the inspector, and I just want to make sure we aren't exposed to any security risk if, for example, someone perusing our files could see our "aws_cognito_identity_pool_id" or "aws-region" or something like that.
Also, side note- we will eventually have a production build so there will be some minification im sure to obfuscate the information, but just want some clarification on best practices and potential vulnerabilities.
Thanks!
I don't think it's about security, because the file is eventually going to be accessible, by design. It's because the file is dynamically generated.
The aws-exports.js file is a standard JavaScript file that is maintained by AWS Mobile Hub on your behalf. It changes when you add, remove, or edit features within AWS Mobile Hub.
// WARNING: DO NOT EDIT. This file is Auto-Generated by AWS Mobile Hub. It will be overwritten.
https://aws.amazon.com/blogs/mobile/integrate-the-aws-sdk-for-javascript-into-a-react-app/
It feels like the motivation behind this practice is to prevent the wrong file from being used, inadvertently, and avoid version control interference and annoyances from having a file that is tracked, but doesn't need to be.
I'm working on a project and I need to dynamically check what is in onhe of my folder. The idea is that I have the id of a quest, and there is a folder name after that id. My code needs to check if this folder exist AND if there is something in it. After that, it show all the picture inside that folder. The goal is that I will just have to add picture in a folder to have them appear in my game.
I tried to find a way to check the content of my folder, but everyone say that I need flash.filesystem, BUT it means that I need to use AIR. AIR does NOT work in FireFox or any other browser.
Here is the website that make me understood that:
http://www.experts-exchange.com/Software/Photos_Graphics/Web_Graphics/Macromedia_Flash/Q_26118847.html
How can I explore the content of my folders then?
There is absolutely no way to explore the local file system without user interaction in Flash. If you want to do it, you must make an AIR application, which is not browser-based. This is a security feature that is imposed by each browser (you can't do it in JS either) and implemented identically by Adobe.
You can use FileReference to allow a user to select file(s) for Flash to have access to or save a file, but that is the most interaction with the filesystem that will be possible without opening AIR (which is also not limitless. Even with AIR, you won't have full access to the file system and will be locked out of certain directories and prevented from doing certain things)
If the folders are on your server you'll need to rely on a server side script to do the job and pass the result to your app.
If you mean folders on client side computer it's not gonna be possible for security reason.
Yes, I know. This question have been already replied in Where to store the Core Data file? and in Store coredata file outside of documents directory?.
#Kendall Helmstetter Gelner and #Matthias Bauch provided very good replies. I upvoted for them.
Now my question is quite conceptual and I'll try to explain it.
From Where You Should Put Your App’s Files section in Apple doc, I've read the following:
Handle support files — files your application downloads or generates and
can recreate as needed — in one of two ways:
In iOS 5.0 and earlier, put support files in the /Library/Caches directory to prevent them from being
backed up
In iOS 5.0.1 and later, put support files in the /Library/Application Support directory and apply the
com.apple.MobileBackup extended attribute to them. This attribute
prevents the files from being backed up to iTunes or iCloud. If you
have a large number of support files, you may store them in a custom
subdirectory and apply the extended attribute to just the directory.
Apple says that for handling support files you can follow two different ways based on the installed iOS. In my opinion (but maybe I'm wrong) a Core Data file is a support file and so it falls in these categories.
Said this, does the approach by Matthias and Kendall continue to be valid or not? In particular, if I create a directory, say Private, within the Library folder, does this directory continue to remain hidden both in iOS 5 version (5.0 and 5.0.1) or do I need to follow Apple solution? If the latter is valid, could you provide any sample or link?
Thank you in advance.
I would say that a Core Data file is not really a support file - unless you have some way to replicate the data stored, then you would want it backed up.
The support files are more things like images, or databases that are only caches for a remote web site.
So, you could continue to place your Core Data databases where you like (though it should be under Application Support).
Recent addition as of Jan 2013: Apple has started treating pre-loaded CoreData data stores that you copy from a bundle into a writable area, as if they were a support file - even if you write user data into the same databases also. The solution (from DTS) is to make sure when you copy the databases into place, set the do-not-backup flag, and then un-set that if user data is written into the database.
If your CoreData store is purely a cache of downloaded network data, continue to make sure it goes someplace like Caches or has the Do Not Backup flag set.