Mobile Platform as a Service:Use mPaaS 10.2.3 and adapt mPaaS 10.2.3 to iOS 16

Baseline description

This baseline is based on the latest product set of Mobile PaaS (mPaaS) 10.1.68.53. Before you merge the baseline, you need to integrate the modifications, new components, compliance enhancement, and other capabilities of various custom baselines. The following features are involved:

Security compliance

Security Guard SDK provides enhanced security capabilities and supports the digital signatures using Chinese national cryptography.

New components

• mPaaS GMSSL (private cloud)

• Mobile Dispatch Center (MDC)

• Application Performance Management (APM)

• Face verification (private cloud)

• Mobile terminal environment detection (private cloud)

• Mobile Threat Awareness Platform or device risk consulting (private cloud)

• Intelligent Dual-Recording System

Update components

• OpenSSL is fully upgraded to solve conflicts with open source libraries.

• AlipaySDK is upgraded for the adaptation to iOS 16.

Upgrade the baseline

You can select an upgrade method based on your current baseline version.

Current baseline: 10.1.68 primary baseline

Upgrade based on CocoaPods

To install the latest SDKs of the baseline version 10.2.3, perform the following steps:

Current baseline: a custom baseline other than 10.1.68

If you do not know whether to switch to the 10.2.3 baseline, you can search for group number 41708565 to join the DingTalk group and consult mPaaS Customer Service.

Update configurations

Configure the version of Security Guard images to V6

In the 10.2.3 baseline, the Security Guard SDK has been upgraded to support digital signatures using Chinese national cryptography. Therefore, after the upgrade, you need to replace the version of Security Guard images with the V6 version. When you use the 10.1.68 baseline, the version of Security Guard images is V5 by default. To use a plug-in to generate the image in the V6 version and replace the original Security Guard image file, that is, yw_1222.jpg, perform the following steps:

Hotpatch update

If you want to integrate the hotpatch feature into the current project, you can consult mPaaS Customer Service to upgrade the Hotpatch SDK.

Security protection configuration

When you develop an app based on the mPaaS framework, the app that uses the HTML5 Container or Mini Program SDK calls JavaScript API (JSAPI) more often. In order to prevent app abuse when loading external pages, we recommend that you verify the URL when you open the URL and call the JSAPI. In this case, you need to make sure that only the URL within an app can be loaded to open or restrict JSAPI scopes and permissions of the URL. This can avoid the problems when authentication is not performed.

For information about specific authentication methods, see the following documents:

1. Set JSAPI authentication.

2. Set the URL whitelist.

API changes

Changes of API usage are not involved in this adaptation.

Adapt to iOS 16

Apple released iOS 16 in September 2022. The apps must be adapted to new system features and APIs of iOS16.

The adaptations for iOS 16 mainly involve updating screen orientation methods, using the clipboard, and using pictures. The following components are involved:

For the apps that use the preceding components, you need to perform the complete test and verification under iOS 16 to ensure functionality, compatibility, and stability.