Source visibility in ionic hybrid apps

Question

I've just started learning ionic framework. It uses web browser capabilities for building apps.

These capabilities namely HTML, javascript and CSS are client side stuff. Which on browsers can be seen with view source.

My questions is how will be the visibility of the source? Will the end user be able to see the source of the app?

If yes, is it normal for any app? Shall one be worried about the security of the source?

Answer 1

The visibility of the source in chrome://inspect#device , is pretty much the whole application. And no, end user cannot see the source of your application once you set and push the project to production mode.

Well, since you are developing a hybrid application, there are of course, pros and cons for each. Security might not be as strong as native apps, but development time is greatly reduced to push the app to different platforms.

If you would to do something would requires high security and non-visibility of your source , then native is the way to go. As for hybrid apps,if you need somewhere to store your data securely, you will need plugins to communicate with native platform's secure storage which might pose a security risk. But then again, even native applications can be de-compiled. The way developers tries to make it harder is via obfuscation methods.

Once u set your application to production mode, you will not be able to inspect your application anymore.

To show your web-app on chrome://inspect/#devices :

1) Make sure your web-app is running and your phone is plugged into your computer via usb with USB debugging on and your PC is trusted by the phone.

2) Under device manager, you should not have missing phone drivers. (it would look something like this)

3) ADB should not be running co-currently. And you should be able to see something like this on ur inspect page:

4) Click on inspect button and you're done! (: