Make your Android PhoneGap app less scary

This post is more than 2 years old.

For folks who are used to doing native Android development, this is old news, but for folks who may be new to it and coming from a PhoneGap perspective, I wanted to share a quick tip with you to help make your apps a bit less "scary" for your users. What am I talking about? Whenever you install an Android application, the device checks the app's descriptor file to see what permissions the app needs to run. By default, a PhoneGap Android app will simply have them all enabled. This means your users may see this...


But wait, there's more....

That's three pages of text that most users won't bother reading, and those that do care will freak out since it's the app equivalent of a stranger asking to move into your house, become best friends with your dog, eat your food, and screw your spouse.

To change this, open up AndroidManifest.xml. Depending on your editor, you may get the plain text or a fancy editor. I recommend switching to plain text so you can see the following...

<uses-permission android:name="android.permission.CAMERA" /> <uses-permission android:name="android.permission.VIBRATE" /> <uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" /> <uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" /> <uses-permission android:name="android.permission.ACCESS_LOCATION_EXTRA_COMMANDS" /> <uses-permission android:name="android.permission.INTERNET" /> <uses-permission android:name="android.permission.RECEIVE_SMS" /> <uses-permission android:name="android.permission.RECORD_AUDIO" /> <uses-permission android:name="android.permission.RECORD_VIDEO"/> <uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" /> <uses-permission android:name="android.permission.READ_CONTACTS" /> <uses-permission android:name="android.permission.WRITE_CONTACTS" /> <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" /> <uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> <uses-permission android:name="android.permission.GET_ACCOUNTS" /> <uses-permission android:name="android.permission.BROADCAST_STICKY" />

This is - obviously - where your device would get the list of permissions it thinks the app requires. The docs do not make it very clear what the minimum requirements are, but from what I know (and Google), the minimum requirements are:

<uses-permission android:name="android.permission.INTERNET" />

Most Google results mention android.permission.READ_PHONE_STATE as well, but that's not available in the 2.3.3 project I just created. Keep it in mind though as it may be present in other SDK versions. Here's how the install screen looks after this change:

Raymond Camden's Picture

About Raymond Camden

Raymond is a senior developer evangelist for Adobe. He focuses on document services, JavaScript, and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support. You can even buy me a coffee!

Lafayette, LA

Archived Comments

Comment 1 by Sid posted on 2/14/2012 at 8:30 AM

No wonder why my free app is not getting any downloads :)

Comment 2 by Marco Spescha posted on 2/14/2012 at 2:19 PM

Add the permissions that you really use.
Ray is right, your app could do everything if you got full permissions. Some Users don't care, some (including me) won't even think to press the "install" button.

If you need Internet, Camera, Network-States then add only these permissions. If you only need the WebView then you have to set declare android.permission.INTERNET. Since Phonegap opens up a WebView with your index.html, I think you have to include it in all your Apps.

Comment 3 by Simon MacDonald posted on 2/15/2012 at 9:38 PM

If your app needs to use the camera you will also need the write external storage permission or you won't be able to write the image to disk.