Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How can we stop a hacker from reverse engineering a react-native app ? #22518

Closed
3 tasks done
gourav-singhal opened this issue Dec 5, 2018 · 4 comments
Closed
3 tasks done

How can we stop a hacker from reverse engineering a react-native app ? #22518

gourav-singhal opened this issue Dec 5, 2018 · 4 comments
Labels
Resolution: Locked This issue was locked by the bot. Type: Question Issues that are actually questions and not bug reports.

Comments

@gourav-singhal
Copy link

gourav-singhal commented Dec 5, 2018
edited
Loading

Environment

React Native Environment Info:
System:
OS: macOS High Sierra 10.13.6
CPU: x64 Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Memory: 844.41 MB / 12.00 GB
Shell: 3.2.57 - /bin/bash
Binaries:
Node: 10.8.0 - /usr/local/bin/node
npm: 6.2.0 - /usr/local/bin/npm
Watchman: 4.9.0 - /usr/local/bin/watchman
SDKs:
iOS SDK:
Platforms: iOS 11.4, macOS 10.13, tvOS 11.4, watchOS 4.3
Android SDK:
Build Tools: 23.0.1, 23.0.3, 25.0.2, 26.0.0, 26.0.1, 26.0.2, 26.0.3, 27.0.0, 27.0.2, 27.0.3, 28.0.0
API Levels: 23, 25, 26, 27
IDEs:
Android Studio: 3.0 AI-171.4443003
Xcode: 9.4.1/9F2000 - /usr/bin/xcodebuild
npmPackages:
react: 16.6.1 => 16.6.1
react-native: 0.57.7 => 0.57.7
npmGlobalPackages:
react-native-cli: 2.0.1
react-native-fetch-blob: 0.10.8
react-native-mail: 3.0.6

Description

Hi All,

Can you suggest the best practices to store sensitive information in a react-native app?

Currently I have my api_keys and other sensitive information in a config.js file which could be easily read using reverse engineering techniques.

Reproducible Demo

This issue is related to any react native project build as all the code is minified in a mainbundle.js file which can be easily opened in any text editor.
@react-native-bot
Copy link
Collaborator

It looks like you are using an older version of React Native. Please update to the latest release, v0.57 and verify if the issue still exists.

The "⏪Old Version" label will be removed automatically once you edit your original post with the results of running react-native info on a project using the latest release.

@gourav-singhal
Copy link
Author

gourav-singhal commented Dec 5, 2018
edited
Loading

Yes the issue exists in latest version as well updated original post

@gourav-singhal
Copy link
Author

#1093

@hramos hramos added the Type: Question Issues that are actually questions and not bug reports. label Dec 5, 2018
@hramos
Copy link
Contributor

hramos commented Dec 5, 2018

This issue repository is for tracking bugs in the React Native SDK. Can you post your question to one of the other community forums instead?

@hramos hramos closed this as completed Dec 5, 2018
@facebook facebook locked as resolved and limited conversation to collaborators Dec 5, 2019
@react-native-bot react-native-bot added the Resolution: Locked This issue was locked by the bot. label Dec 5, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Resolution: Locked This issue was locked by the bot. Type: Question Issues that are actually questions and not bug reports.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@hramos @gourav-singhal @react-native-bot