Google App Store Warning - You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible
Solution 1
After some research, I think, I have found the solution here:
http://cordova.apache.org/index.html#download
npm install -g cordova
cd my_project
cordova platform update android
Running the last command does the trick and I get this response:
**cordova platform update android**
Deleting E:/PhoneGap/my_project/platforms/android/libs/cordova-3.1.0.jar
Android project is now at version 3.6.3
If you updated from a pre-3.2.0 version and use an IDE, we now require that you
import the "CordovaLib" library project.
Hope that helps.
Regards
Solution 2
If you are using Phonegap, you just need to update Phonegap to version 3.5.0
It's explained here: http://phonegap.com/blog/2014/06/12/phonegap-3_5_release/
And here's the note from Phonegap that says how you're covered: http://phonegap.com/blog/2014/08/07/cordova-android-3_5_0-patched-with-security-fixes/
AnR
Updated on June 03, 2022Comments
-
AnR about 2 years
I have received an Email from Google Play Store for my Android App:
This is a notification that your com.mydomain.myapp, is built on a version of Apache Cordova that contains security vulnerabilities. This includes a high severity cross-application scripting (XAS) vulnerability. Under certain circumstances, vulnerable apps could be remotely exploited to steal sensitive information, such as user login credentials. You should upgrade to Apache Cordova 3.5.1 or higher as soon as possible. For more information about the vulnerabilities, and for guidance on upgrading Apache Cordova, please see http://cordova.apache.org/announcements/2014/08/04/android-351.html. Please note, applications with vulnerabilities that expose users to risk of compromise may be considered “dangerous products” and subject to removal from Google Play. Regards, Google Play Team ©2014 Google Inc. 1600 Amphitheatre Parkway Mountain View, CA 94043
If I try the command mentioned on the given link/page, i.e.:
cordova platform add [email protected] --usenpm
I get an error:
Platform android already added
How can I upgrade Cordova from 3.1 to 3.5.1? I have tried all sort of things like:
npm update -g cordova
But I do not appear to be getting successful. The version file in MyApp\platforms\android\cordova folder still shows following entry and no file in this folder changes:
// Coho updates this line: var VERSION = "3.1.0"; console.log(VERSION);
-
jcesarmobile over 9 yearswhen you updated the app, dit the warning disappeared from google play? I've updated my app to 3.6.3 and the warning is still there
-
jcesarmobile over 9 yearsI answer myself, after a few hours the warning disappears
-
AnR over 9 yearsYes, the warning disappeared. Though it took some time, not sure how many hours.
-
Manikandan over 9 yearsWhere can I get the CordovaLib?
-
AnR over 9 yearsI think u don;t need to get CordovaLib. It will be automatocally created when you will add Android Platform in your project