We have the server set up and configured to return certain paths under /.well-known/apple-app-site-association. When we publish our app, the "associatedDomains" key in our app.json instructs iOS to give us a chance to open links in app.
That all, more or less, works. What we can't figure out is how to productively test universal links during local development. The expo app won't have our app.json and its a horrendous flow to make an independent build for this purpose (we lose hot reloading and frankly it just doesn't seem to work regardless)
This wouldn't be the end of the world if our product didn't require opening a link in email to log in, but it does and that requirement isn't going anywhere.
Expo does not support Universal links in development. They can only be tested in production and standalone builds. One work around for this is to use something like branch.io to conditionally send the user to a different url depending on the device they are using.
Related
I am new to react-native world. Following few tutorials, I found that it react-native app runs on javascript engine on mobile. I am following ios tutorial. So when I go to localhost:8081/index.ios.bundle it loads JS for the app. I know I can use ngrok to manipulate this URL.
I have multiple concerns with this:-
If I change the URL of js from something local to something remote, this would result in a completely new app and now I don't need to go through the App Store to upgrade my app version. Can this be a potential issue in the future?
Since anybody can open this JS in a browser which might have important information like client id and secret for the app, can this be an issue as well?
I am not 100% sure. You can indeed update hybrid app easier and if it is only a quick fix you don't need to go through apple store verification process. Apple can also delete your app and ban you if you don't follow guidelines. Usually your js is local in production for instant app start time, and the network is used only for fresh data.
This is solved with an authentication mechanism.
I have an iOS and Android app and I'm building a corresponding website. I would like that the webpage, if opened using a mobile device, opens the app or its corresponding app store page (without using Facebook app links).
On the app side everything is working, including the url schema.
Does someone know how to implement this procedure, without external services, using HTML and JS?
Thanks in advance for your help.
To be honest, this is kind of a pain to implement on your own. There is no easy way to handle everything without a ton of nasty edge cases, most notably the 'Cannot Open Page" error users will see if they don't have your app installed. Until iOS 9, a reasonable basic implementation was putting a JavaScript redirect like this into a dedicated redirect page on your site:
setTimeout(function() {
window.location = "https://yourdomain.com";
}, 25);
// If "yourapp://" is registered, the user will see a dialog
// asking if they want to open your app. If they agree, your
// app will launch immediately and the timer won't fire.
// If not installed, you'll get an ugly "Cannot Open Page"
// dialogue and your fallback page will open when the timer expires.
window.location = "yourapp://";
Unfortunately this would still show a 'Cannot Open Page' error, but until recently it was possible to get around this in a reasonably user-friendly way by using a more nuanced version of this script. Sadly, Apple intentionally broke that with the iOS 9.2 update, so custom URL schemes are actually pretty much useless for deep linking now, unless you are certain the app is already installed on that device.
Apple is obviously trying to push the newer Universal Links standard as much as possible. Universal Links lets you use a normal http:// URL to a page on your website (the page could be a simple redirection to your desired fallback webpage without the custom URL trigger that causes the 'Cannot Open Page' error), which is intercepted by your phone and sent directly into your app if installed.
This is quite a lot to handle, so the best option might be a free service like Branch.io (full disclosure: I work with the team) to take care of all the technical aspects. You can find examples of apps using the Branch service here.
Here my problem, i create a couple mini game for windows 10 (PC, phone, Hololens UWP, ...), but now i would like to make a launcher to gather all my games, like steam (for example).
But, according to Microsoft, it's impossible to launch a .exe or even .msi from UWP app -> ("This API also imposes several restrictions on what types of files it can launch. Many file types that contain executable code, for example .exe, .msi, and .js files, are blocked from launching. This restriction protects users from potentially malicious files that could modify the system.
")
And now i search a solution, maybe with the FullTrustProcessLauncher Class but i dont know how its works :
https://learn.microsoft.com/en-us/uwp/api/Windows.ApplicationModel.FullTrustProcessLauncher#Windows_ApplicationModel_FullTrustProcessLauncher_LaunchFullTrustProcessForCurrentAppAsync_System_String_
if you have an idea, a solution or even an exemple, I will be thankfull
Best regards
PS: sorry for the bad english, i'm french ^^
You can accomplish this by supporting a custom protocol in your games. Then your launcher app can launch them via that protocol by using the LaunchUriAsync API:
https://learn.microsoft.com/en-us/uwp/api/windows.system.launcher#Windows_System_Launcher_LaunchUriAsync_Windows_Foundation_Uri_
Sorry, that is not going to work.
"FullTrustProcessLauncher Class
Activate the full-trust Win32 component of an application from a Universal Windows app component in the same application package."
In other words this is to run a Win32 component of the current application.
Since Microsoft wants UWP to be more secure, your best option is probably to bundle your games together in one bigger application. Have the start page / form be a menu of the games, then switch to another form for each game.
Name your classes, forms, resources carefully so you know what game they are for -- ChessMain, ChessForm, chess_logo.jpg; CheckersMain, CheckersForm, CheckersPlayerTurn.
I have a hack way that may help to launch the exe in uwp.
If you want to use the win32 dll that in other directory,please get the LoadLibrary that can use it.
You can use
MEMORY_BASIC_INFORMATION info = {};
if (VirtualQuery(VirtualQuery, &info, sizeof(info)))
{
auto kernelAddr = (HMODULE)info.AllocationBase;
auto loadlibraryPtr = GetProcAddress(kernelAddr, "LoadLibraryExW");
// load your library here ...
}
to get the loadlibrary and use to loadlibrary the dll.
See https://hjc.im/3-ways-to-bypass-wack/
Ms use the PE and P/Invoke to judge whether uwp use the not allowed dll.
So you can use the loadlibrary to load it.
You can launch the exe by win32.
But it may work today but it might break tomorrow.
I've just started learning ionic framework. It uses web browser capabilities for building apps.
These capabilities namely HTML, javascript and CSS are client side stuff. Which on browsers can be seen with view source.
My questions is how will be the visibility of the source? Will the end user be able to see the source of the app?
If yes, is it normal for any app? Shall one be worried about the security of the source?
The visibility of the source in chrome://inspect#device , is pretty much the whole application. And no, end user cannot see the source of your application once you set and push the project to production mode.
Well, since you are developing a hybrid application, there are of course, pros and cons for each. Security might not be as strong as native apps, but development time is greatly reduced to push the app to different platforms.
If you would to do something would requires high security and non-visibility of your source , then native is the way to go. As for hybrid apps,if you need somewhere to store your data securely, you will need plugins to communicate with native platform's secure storage which might pose a security risk. But then again, even native applications can be de-compiled. The way developers tries to make it harder is via obfuscation methods.
Once u set your application to production mode, you will not be able to inspect your application anymore.
To show your web-app on chrome://inspect/#devices :
1) Make sure your web-app is running and your phone is plugged into your computer via usb with USB debugging on and your PC is trusted by the phone.
2) Under device manager, you should not have missing phone drivers. (it would look something like this)
3) ADB should not be running co-currently. And you should be able to see something like this on ur inspect page:
4) Click on inspect button and you're done! (:
You have a signed apk, when you install it on a device and inspect the device on google chrome the inspect option will not be available. Theres an easy way to do that decompile the signed apk using apktools you will get the AndroidManifest.xml file. simply add android:debuggable="true" to the tag and recompile it resign it and you will be able to inspect it. If you check the main.js file in the inspect section the source code is visible.
Hence you can use Jscrambler to prevent this (Its a paid service i too am new to it)
I am making a standalone webapp for a client, and he would be able to access to another website sometimes. So I made a link which open a tab in Safari (quit fullscreen) but then I wish I could return to the standalone app either by a link or by the address bar (without homescreen button which is locked).
Is there any way to make a link that go to a standalone web ? Or using javascript to open in fullscreen app ?
I hope Iwas clear enough, not easy to explain ^^
You can register a custom url scheme that links to your app. Basically, in your app .plist you register a scheme like "myapp", and any link that uses de protocol myapp://xxx would launch your app and pass whatever you add after the // ("xxx" in the previous example).
It's exactly like "mailto:" links, but opening your app instead of the Mail app :)
You can check how to configure your app in XCode looking at this answer: https://stackoverflow.com/a/12784399/201059
As you don't specify what platform you are using for packaging your WebApp, I can't give you further info, but if you were using Cordova/Phonegap you could install a plugin to receive the params after myapp://, so that you could go to a specific page/screen (ex: myapp://customercard?id=1234)
Update, regarding HoffZ's comment below:
When benuuts mentioned that it was a standalone webapp I understood that it was packaged with Cordova or a similar framework. If that it's not the case, unfortunately I'm not aware of any way to return to a fullscreen (pinned to the home screen) webapp.