Skip to content

feat: Rerun checks when coming from background #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
meetp-interpay opened this issue Apr 4, 2023 · 7 comments
Open

feat: Rerun checks when coming from background #40

meetp-interpay opened this issue Apr 4, 2023 · 7 comments
Assignees
Labels
enhancement New feature or request

Comments

@meetp-interpay
Copy link

I have added free-rasp at the entry point of our app. When app is open for the first time, all call-backs coming from andoirdCallbacks are working.

But then, I will press back button from android device, the app is closed, and when I will open the app again (without clearing app from Recent menu) then call-backs are not working. If I remove app from Recent menu, and then open the app again then it is working again.

Technically, if app is open at any point of time, call-backs should work.

Using freerasp 3.0.1 version.

@meetp-interpay meetp-interpay added the bug Something isn't working label Apr 4, 2023
@tompsota
Copy link
Member

tompsota commented Apr 5, 2023

Hello @meetp-interpay,

freeRASP runs the initial checks immediately after the app was started. However, after that, the checks are run periodically, which means that you might want to wait for a couple of minutes before you see the threats being detected. This applies also for your described use case.

Please, try to leave the app running for up to 10 minutes after you bring it back from background. The checks should start to fail.

Don't forget to let us know if this solved the problem.

Best,

Tomas, Talsec developer

@meetp-interpay
Copy link
Author

Hello @tompsota ,

Thanks for your response.

Just wanted to know, does this will be the same behaviour for commercial version (Business RASP+, AppiCrypt) or is this only in freeRASP ?

@tompsota
Copy link
Member

tompsota commented Apr 6, 2023

Hello @meetp-interpay,

you will not encounter this issue in the commercial version of our libraries. There are additional API options that enable the wrapper to update all checks when the application lifecycle changes. Unfortunately, this is not possible in freeRASP at the moment. We will look at this issue in freeRASP as well in the near future.

Best regards,

Tomas, Talsec developer

@meetp-interpay
Copy link
Author

Okay, that will be fine.

Thanks

@msikyna msikyna added enhancement New feature or request and removed bug Something isn't working labels Apr 19, 2023
@yardexx yardexx changed the title Call-back Issue feat: Rerun checks when coming from background Jun 5, 2023
@yardexx yardexx transferred this issue from talsec/Free-RASP-Flutter Jun 17, 2024
@deepanshushukla
Copy link

@tompsota Can you expose these function as synchrounous api which returns threat boolean value when called

@hanishSplenta
Copy link

hanishSplenta commented Apr 4, 2025

Hello @meetp-interpay,

freeRASP runs the initial checks immediately after the app was started. However, after that, the checks are run periodically, which means that you might want to wait for a couple of minutes before you see the threats being detected. This applies also for your described use case.

Please, try to leave the app running for up to 10 minutes after you bring it back from background. The checks should start to fail.

Don't forget to let us know if this solved the problem.

Best,

Tomas, Talsec developer

@tompsota Is there any solution where we can dispose it and call again?

@tompsota
Copy link
Member

tompsota commented Apr 7, 2025

Hello,

@deepanshushukla, due to other security concerns, we do not provide synchronous API to trigger the RASP security audit. However, we are working on an enhanced version of the freeRASP API, which should partially resolve your issues. Stay tuned for that!

@hanishSplenta, in freeRASP, there isn't currently a way how to force start the security audit. However, with Talsec, we offer additional solutions to help overcome this limitation:

  1. RASP+
    RASP+ allows you to customize the detection interval in your own SDK build to better match your requirements. We’re also working on a dynamic interval management feature, which will give you even more control over how frequently each check runs. Additionally, RASP+ includes built-in threat responses, so you won’t have to wait for callbacks to react to detections.
    For more details on the differences between freeRASP and RASP+, check out our GitBook: https://docs.talsec.app/freerasp/features-and-pricing-plans/the-key-differences-freerasp-vs.-rasp+
  2. AppiCrypt
    AppiCrypt secures communication between your app and backend. It includes the results of the Talsec security audit, which you can verify server-side. This way, you can confirm that the device sending the request has passed the security checks before proceeding with further communication. Learn more about AppiCrypt here: https://docs.talsec.app/premium-products/appicrypt-product-page.

Let us know if you have any further questions.

Regards,

Tomas from Talsec

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
Status: Backlog
Development

No branches or pull requests

6 participants