- Node.js
- Cordova (Optional)
- Android SDK Manager (Optional)
- An Android Emulator e.g. GenyMotion (Optional)
To run CorDy to get the instrumented code, you only need Node.js. The rest of the prerequisites are only necessary if you want to try running the instrumented code.
Before running CorDy, we need to download all its dependencies by running the following command in the root directory of CorDy:
$ npm install
To use CorDy:
$ node run.js <JS file path> <HTML file path>
The <JS file path> is the Javascript file of the cordova app while <HTML file path> is the corresponding its HTML file. After running the command, CorDy will output the instrumented Javascript code in a file named output.js.
To run CorDy on our example app, write-file-app, type the following command in the root directory of CorDy:
$ node run.js ../write-file-app/www/js/index.js ../write-file-app/www/index.html
A fully functional and executable output.js is generated.
Before running the instrumented code, please make sure that you have done the following steps
- Created and launched a virtual device on your Android emulator
- Installed Android SDK 19
- Installed Cordova CLI tool
Next, you can try to replace the index.js of write-file-app with output.js and run as per a normal cordova app.
Type the following command in the root directory of write-file-app:
$ cordova run android
To see the logcat of the running app:
$ adb logcat
You can try to create and write some contents into a file and you will see a warning in the logcat:
12-01 02:02:47.692 2790 2790 I chromium: [INFO:CONSOLE(9)] "CORDY WARNING: Line 72 of the original JS file might be tainted.", source: file:///android_asset/www/js/index.js (9)