I’m wondering if a mobile device has multiple apps that use the cblite cordova plug-in, would the apps have access to any database? Or does cblite.getURL() ensure access restrictions to databases?
Each app is self-contained; they can’t see each others’ data. That’s important for security.
On iOS the REST API isn’t served by a TCP socket at all, but by an implementation of
NSURLProtocol. That means that it’s reachable only by client code in the same process.
The other platforms do open a TCP socket, but (a) it’s bound to the loopback interface, meaning it can’t be reached from outside the device, and (b) it uses authentication so only clients with credentials (i.e. the JS code in the Cordova app) can connect; other apps, even if they can discover the random port number, can’t guess the key.
Thanks guys for the clarification.