1. cause

         It was found that , Your application has the ability to get users 【ANDROID ID】 Sensitive information behavior , And not in the application privacy policy / stay AppGallery Connect The privacy policy website submitted on , It does not meet Huawei's application market audit standards .

2. analysis

        The stack call information obtained from Huawei is :

"stackTrace":[
"org.apache.cordova.device.Device.getUuid(Device.java:112)",
"org.apache.cordova.device.Device.initialize(Device.java:58)",
"org.apache.cordova.CordovaPlugin.privateInitialize(CordovaPlugin.java:57)",
"org.apache.cordova.PluginManager.getPlugin(PluginManager.java:171)",
"org.apache.cordova.PluginManager.exec(PluginManager.java:122)",
"org.apache.cordova.CordovaBridge.jsExec(CordovaBridge.java:59)",
"org.apache.cordova.engine.SystemExposedJsApi.exec(SystemExposedJsApi.java:41)",
"android.os.MessageQueue.nativePollOnce(NativeMethod)",
"android.os.MessageQueue.next(MessageQueue.java:374)",
"android.os.Looper.loop(Looper.java:185)",
"android.os.HandlerThread.run(HandlerThread.java:67)"

]

        After searching for information , In the project platforms\android\app\src\main\java\org\apache\cordova\device\Device.java There is a problem with the initialization method of this class in .

        Because we get uuid, As a result, although there is control over acquisition in the project （ You must first obtain user authorization ）, But as soon as you enter app, Before obtaining user authorization , We have already obtained uuid.

3. resolvent

        1. Discard the plug-in （cordova-plugin-device）, It is applicable to situations that have little impact on business and logic ;

        2. Continue to use the plug-in , Modify the plug-in to get the native device ID The way , It is applicable to devices with complex upper logic ID When the requirements are not very strict .

        3. Custom plug in , And upload them to cordova Community , The best way , Invest more .