Note: To implement Native AJAX for mobile apps, Canvas provides the following plug-ins in its framework package.
- cordova-plugin-canvas - This plug-in internally uses pinned HTTPS third-party plug-in files to make HTTPS requests with certificate fingerprint verification.
- cordova-cookie-master-master - This plug-in is used for managing cookies in mobile apps. It allows you to get, set and clear cookie values from the app.
To execute the Native AJAX in your mobile apps, in the Hybrid.xml file available in your app bundle, perform the following:
- Replace the default fingerprint available in this file with your valid server certificate's fingerprint. The file will contain the default fingerprint when you package your apps with Canvas framework. This default certificate must be replaced with your server certificate's fingerprint.
Note: The server certificate's fingerprint must be either in SHA1 or SHA256 representation.
To connect to multiple servers from your app, you must provide the fingerprints of each of those servers separated by comma in the Hybrid.xml file. Ensure that all fingerprints are either in SHA1 or SHA256 representation. If they are different, CT will throw an error that the representation are not the same. Follow the representation of the first fingerprint for the rest of the fingerprints to avoid this error.
- Ensure that the ssl-validation-required property is set to 'true' in the Hybrid.xml file for the Native AJAX to be executed for all requests.
Note: If the server certificate is renewed, publish an app update after specifying the new server fingerprint in the Hybrid.xml file and inform the end user to update the app.