appwrite / sdk-for-flutter

[READ-ONLY] Official Appwrite Flutter SDK 💙
https://appwrite.io
BSD 3-Clause "New" or "Revised" License

🚀 Feature: Change cookie storage #57

Open maeddin opened 2 years ago

maeddin commented 2 years ago

🔖 Feature description

Currently, the cookies are stored in files that can be accessed by other apps.

🎤 Pitch

I would suggest that you change the location of the cookies. I would use the plugin flutter_secure_storage for this purpose. I have also implemented this locally for my own projects. If desired, I can provide a corresponding pull request.


lohanidamodar commented 2 years ago

@MaddinMade we would love the pull request. However, the PR has to be made in our https://github.com/appwrite/sdk-generator repository, as we use templates and swagger specs to auto-generate our SDKs. Let us know if you are interested 🙏🏻

maeddin commented 2 years ago

@lohanidamodar Yes, I am interested, but I have no experience with such templates. Do I just need to edit the twig files? And also should a migrator be written to transfer the cookies to the new storage if they are still in the old storage?

lohanidamodar commented 2 years ago

> @lohanidamodar Yes, I am interested, but I have no experience with such templates. Do I just need to edit the twig files? And also should a migrator be written to transfer the cookies to the new storage if they are still in the old storage?

obiwanzenobi commented 1 year ago

Is it a real security vulnerability? The dir that is returned from the path provider as an app documents directory has Context.MODE_PRIVATE. https://github.com/flutter/engine/blob/main/shell/platform/android/io/flutter/util/PathUtils.java#L23

maeddin commented 1 year ago

@obiwanzenobi Other apps cannot access it with this. But it's about the situation when someone comes to your phone. They could then read the app documents, but not the encrypted data, unless they can unlock the phone. (As far as I know - I'm not an absolute expert in this either).
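
One way to implement the storage change and the migration question raised in this thread, added here as an example; it is not code from the issue, the SDK or the sdk-generator templates. It assumes the cookies are held by the cookie_jar package's `PersistCookieJar` (the thread does not name the cookie library), and the class name `SecureCookieStorage` and the key prefix are hypothetical.

```dart
import 'package:cookie_jar/cookie_jar.dart';
import 'package:flutter_secure_storage/flutter_secure_storage.dart';

/// Hypothetical cookie_jar Storage backed by flutter_secure_storage.
/// If [legacy] is given (for example the old file-backed store), entries
/// are moved over on first read and the plaintext copy is deleted.
class SecureCookieStorage implements Storage {
  SecureCookieStorage({this.legacy, FlutterSecureStorage? secure})
      : _secure = secure ?? const FlutterSecureStorage();

  final Storage? legacy;
  final FlutterSecureStorage _secure;
  String _prefix = 'cookies_';

  @override
  Future<void> init(bool persistSession, bool ignoreExpires) async {
    // Keep jars created with different settings in separate key spaces.
    _prefix = 'cookies_ie${ignoreExpires ? 1 : 0}_ps${persistSession ? 1 : 0}_';
    await legacy?.init(persistSession, ignoreExpires);
  }

  @override
  Future<String?> read(String key) async {
    final value = await _secure.read(key: _prefix + key);
    if (value != null) return value;
    // Lazy migration: fall back to the old store, copy, then delete the old copy.
    final old = await legacy?.read(key);
    if (old == null) return null;
    await _secure.write(key: _prefix + key, value: old);
    await legacy?.delete(key); // only reached if the secure write succeeded
    return old;
  }

  @override
  Future<void> write(String key, String value) async {
    await _secure.write(key: _prefix + key, value: value);
    await legacy?.delete(key); // never leave a stale plaintext copy behind
  }

  @override
  Future<void> delete(String key) async {
    await _secure.delete(key: _prefix + key);
    await legacy?.delete(key);
  }

  @override
  Future<void> deleteAll(List<String> keys) async {
    for (final key in keys) {
      await delete(key);
    }
  }
}
// Usage: PersistCookieJar(storage: SecureCookieStorage(legacy: FileStorage(oldDir)))
```

Because migration happens per key on read, a cookie that is never read again stays in the old directory until it is overwritten or deleted; a one-time cleanup of that directory after upgrade closes that gap.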