cordova-plugin-securitychecks

RASP-style security checks + fresh simulated location detection for iOS.

Install

``bash
cordova plugin add cordova-plugin-ra-securitychecks


or from a VCS/url if you host it somewhere


`

> iOS only. Requires Xcode 13+ for iOS 15 APIs (for CLSourceInformation).

Usage

`js
// Best practice: get fresh location (async) before resolving
SecurityChecks.getStatus(function (res) {
console.log('Security status:', res);
/*
{
isDebuggerAttached: boolean,
isJailbroken: boolean,
isSimulator: boolean,
integrityPassed: boolean,
hookingDetected: boolean,
hasEmbeddedMobileProvision: boolean,
isLocationSimulated: boolean // fresh reading with cache-avoidance
}
*/
}, function (err) {
console.error(err);
});

// Quick snapshot (returns immediately; location may be cached)
SecurityChecks.quickStatus(function (res) {
console.log('Quick status:', res);
}, console.error);
`

Info.plist

The plugin injects these automatically:

- NSLocationWhenInUseUsageDescription
- NSLocationAlwaysAndWhenInUseUsageDescription

Customize the messages after first build if desired.

Notes

- There is no public API to clear CoreLocation cache. The plugin avoids stale reads by requesting a fresh one-shot location and ignoring results older than 2 seconds.
- On iOS < 15, isLocationSimulated will always be false because CLSourceInformation is unavailable.
- Some jailbreak checks may be sensitive for App Store review; use with caution.
``)