Hidden Salesforce Spring ’17 Security Update Could Prove Fatal for Android Apps

Android-AppsThe upcoming Salesforce Spring ‘17 release will include restrictions to its security policy for mobile applications that are submitted to the Google Play Store, something which will affect anyone running Salesforce mobile apps on Android. Read on to learn what has changed, how it may affect your apps, and how it can be fixed.

Pre-release testing uncovers unwelcome updates

An interesting discovery was made last week during a routine pre-release test for Salesforce’s Spring ‘17 update, made by our Salesforce Pre-Release QA Administrator when testing MobileCaddy in the pre-release testing box on an Android device.

This advanced testing, designed to preemptively rectify any potential challenges or unexpected errors well ahead of time, surfaced a problem where MobileCaddy apps within the Google Play Store were failing. From our position as a Salesforce Partner, we use 10 full enterprise pre-release orgs, in varying configurations, to ensure all of our apps continue to function (this includes the Apple App Store, the Google Play store, and the Salesforce App Exchange).

What’s the real issue?

The conflict which was occurring within Salesforce in this instance involved a JavaScript file within the code stored with a MIME type which will no longer be accepted for Android apps once the Spring ‘17 updates have been made. To resolve this, our Lead Product Engineer has returned to the packaging org and corrected the MIME type, sent a new package through, and now the app works as it should.

For MobileCaddy customers and partners, this means you don’t have to worry, as you’ll now have a new MobileCaddy Salesforce package on the Salesforce App Exchange, for which we’ll be scheduling upgrades in the coming weeks, causing minimal interference to your users and removing the risk of failure for you when the Spring ‘17 release is made.

Minimise the impact on your mobile apps

However, this is going to affect anyone who has an app running on Android for Salesforce without the right file type saved. Salesforce has changed its security policy in this area, so if there is code running JavaScript, it will now inspect the mime type which is recorded against that code, and anything with a MIME type stored incorrectly will be rejected. Fortunately, this issue won’t affect apps running on iOS, unlike the recent update to App Transport Security from Apple.

For those not using MobileCaddy for their Salesforce mobile apps, rather than waiting to encounter this issue yourself, it’s strongly advised you test your applications as soon as possible and make any necessary changes – or ask your relevant solution provider to do so for you – to ensure your users won’t see any negative impact on their deskless work.

Testing, maintenance, and support are key to success

This is a fine example of how crucial a support service is in addition to the development solution when it comes to enterprise mobile apps. While many businesses will simply just want an app for their Salesforce users, and won’t want to subscribe to any further support or maintenance, this virtually always means that any problems, necessary updates, or failures the app experiences will have to be dealt with when the users have already been affected, and will end up costing even more in the long run.

With MobileCaddy, not only is the cost of building your apps far lower, but thanks to our extensive testing, users also receive the long-term confidence and trust that their apps will perform no matter what, which is exponentially more valuable.

Trust Banner



Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Scroll to Top