Configuration Options for Android
- 15 May 2025
- 23 Minutes to read
- Print
- DarkLight
- PDF
Configuration Options for Android
- Updated on 15 May 2025
- 23 Minutes to read
- Print
- DarkLight
- PDF
Article summary
To debug your app configuration, enable debug mode, which disables certain security features for easier testing. However, this mode must be turned off for production apps. When installing shielded APKs or AABs via ADB, use the "allow test packages" option to avoid errors. The QUERY ALL PACKAGES permission is restricted by Google for new apps and updates, but is necessary for the checkUntrustedInstaller feature, which ensures PCI compliance by checking for untrusted installations. If this permission is needed, a Declaration Form must be submitted to Google Play. App Shielding allows uploading up to 10 custom signer certificates to verify app signatures. Additionally, options exist to manage app shutdown behavior upon security policy violations and to optimize launch performance by limiting bindings and using a Least Recently Used cache for improved efficiency. Proper configuration is crucial to maintain security while ensuring app performance.
Did you find this summary helpful?
Thank you for your feedback
Debug your configuration
You can run your configuration in debug mode. Several security features are disabled in this mode to ease the testing of the app during development.
Debug mode must be disabled for a production app! When enabled, the shielded apk or aab is configured in debug mode (i.e. android:testOnly="true" in AndroidManifest.xml). The allow test packages option (i.e. -t) must be used when installing the apk or aab via adbto avoid the INSTALL_FAILED_TEST_ONLY error (e.g. adb install -t myapp.apk).
Configuration options
To configure App Shielding for your applications, select the options on the Configuration Page of the OneSpan Mobile Portal as needed.
Configuration options | |
Option | Description |
|---|---|
Query All Packages Permission | |
Query All Packages Permission | Applications which are compiled for Android 11 and later (compileSdkVersion) have to declare the configuration option queryAllPackagesPermission. For more information, see QUERY_ALL_PACKAGES permission. |
Obfuscation & Rules | |
Obfuscate with Default Rules | Specifies whether to enable class name obfuscation for all classes of the application by incorporating a default rule set to exclude certain well-known exceptions. If this option is not enabled, only App Shielding-related classes will be obfuscated. |
Rules.cfg | You can customize the settings for obfuscation by defining rules in the Rules.cfg file. This determines how App Shielding will modify the Android application, especially in the context of shielding and obfuscation (see Configuration of Shielding Tool rules). This feature is only available if Obfuscate with Default Rules is disabled. |
Screenshots | |
Block screenshots | Determines whether to prevent that screenshots of the app are taken. Screenshots can only be blocked on Android version 4.4 and later. This protection applies to both user and system screenshots. System screenshots are automatically taken when recently used applications are listed. You can also exclude an activity from this block if your app wants the users to take a screenshot, for instance to verify payments, receipts etc. Exclude an activity with the Shielding Tool rule allowScreenshotsForActivity: Add an allowScreenshotsForActivity rule to .my-rules.cfg to tell App Shielding to allow screenshots if the specified activity is visible, even if the Block screenshots option is enabled. |
Rooting | |
Check rooting | Checks if the device on which the app runs is rooted. |
Check rooting deep scan | Performs additional scanning of executable files to look for potential root shells. This scan can potentially detect more threats, but there is also the risk of false positives. The app will consume more battery and will take longer to launch. A complete file system scan can take anywhere from a few seconds to several minutes, depending on the device. The scan looks for files with suid or sgid attributes or files that look like an su binary. The result of the scan is reported to the ExtendedObserver interface with the FILESYSTEM_SCANNING and FILESYSTEM_WATCHING callbacks. The file system scan is only started once at the start of the application. One consequence is that if an ExtendedObserver implementation is added after the initial scan was started, that observer might not receive all file-system scanning callbacks. If Exit on rooting is enabled in addition to this check, and the scan detects an su binary, the application is terminated. Enabling this option is only recommended for fraud-detection or reporting via callback rather than for strict enforcement of root detection (Exit on rooting). This option is known to cause false positives on some devices due to anomalies on the device introduced by device vendors. |
Exit on rooting | Determines whether to exit the app when the device is rooted. |
Exit on rooting heuristics threshold | Rooting can be detected by calculating a rooting heuristics threshold. With this option you determine whether to exit the application when the configured setting and underlying threshold value is reached. If App Shielding is sure that the device is rooted, and the Exit on rooting option is enabled, the application will shut down. Possible values:
If this option is not set or set to Permissive, App Shielding will not shut down the application based on the heuristics detection. The default setting is Restrictive. Depends on: Exit on rooting |
Exit on rooting URL | The URL of a web page with an explanation to launch when the app is shut down because it runs on a rooted device. For more information, see Exit URL Launching on Android. Depends on: Exit on rooting |
Unlocked bootloader detection | |
Check bootloader status | Checks if the bootloader has been unlocked, which allows the device to be flashed and rooted. An unlocked bootloader also suggests that the device might be running a custom and/or malicious OS. |
Exit on bootloader status | Determines whether to exit the app if an unlocked bootlader is detected. Depends on: Check bootloader status |
Exit on bootloader status URL | The URL of a web page with an explanation to launch when the app is shut down because an unlocked bootloader has been detected. For more information, see Exit URL Launching on Android. Depends on: Exit on bootloader status |
Hooking Frameworks | |
Check hooking frameworks | Checks the app for Java-level code hooks created by hooking tools and frameworks. For more information see Code injection protection. |
Exit on hooking frameworks | Determines whether to exit the app if a hooking framework or Java-level hooks are detected. Depends on: Check hooking frameworks |
Exit on hooking frameworks URL | The URL of a web page with an explanation to launch when the app is shut down because a Java-level or hooking framework or was detected. For more information, see Exit URL Launching on Android. Depends on: Exit on hooking frameworks |
Native Code Hooks | |
Check native code hooks | Checks if there are hooks in the native code. |
Exit on native code hooks | Determines whether to exit the app when there are hooks in the native code. In production versions of App Shielding this option is always enabled and cannot be disabled. |
Exit on native code hooks URL | The URL of a web page with an explanation to launch when the app is shut because a native code hook was detected. For more information, see Exit URL Launching on Android. Depends on: Exit on native code hooks |
Repackaging | |
Check repackaging | Checks if the app was repackaged. You also need to set the Application Signer Certificate option to configure this check. Depends on: Application Signer Certificate |
Exit on repackaging | Determines whether to exit the app when it was repackaged. In production versions of App Shielding this option is always enabled and cannot be disabled. |
Untrusted installer | |
Check untrusted installer | Checks if any application on the device has been installed via unknown and/or untrusted sources . This option can only be enabled when the Query All Packages permission is set! |
Exit on untrusted installer | Determines whether to exit the app when one or more untrusted source applications are installed on the device. Depends on: Check untrusted installer |
Exit on untrusted installer URL | The URL of a web page with an explanation to launch when the application is shut down because an untrusted source application was detected. For more information, see Exit URL Launching on Android. Depends on: Exit on untrusted installer |
Check untrusted installer mode | The configuration for the untrusted installer check. Set one of the following values:
Depends on the setting of Query All Packages Permission and checkUntrustedInstaller! |
Additional Trusted Installer Signatures | This option allows adding the signing certificate of a trusted app store to an allowlist when the Check untrusted installeroption is enabled. With this option, you can add multiple certificates to include multiple app stores to the allowlist. Add each certificate in a new line of this input field to allow multiple app stores! Depends on: Check untrusted installer |
Process Name Cloak | Determines how App Shielding cloaks the process name fo the app. On starting a shielded app, App Shielding cloaks the application ID in /proc/seld/cmdline by selecting a random name from a list. This makes it harder for an attacker to automatically detect your application. |
Application Signer Certificate | |
Application signer certificate | This option provides the certificate used to sign the app. You can upload up to 10 certificates. This option is not compatible with the Updatable configuration option. For more information, see Application signer certificate. |
Original certificate | Insert the original certificate, if the original application is already signed. |
AliPay Support | This option helps to prevent the application from terminating unexpectedly which may happen when AliPay is used. This option should be enabled to support AliPay in such situations. |
Flutter Webview Support | This option provides support to add WebView in Flutter. When you enable this option, the Block screenshots option must be disabled! |
Private Space and Work Profile | |
Check Private Space or Work Profile | Checks if the application runs inside a Private Space (Android 15), or a Work Profile like Google Workspace, Samsung Secure Folder, Xiaomi Dual Apps, Microsoft Workspace etc. When an application runs in a Private Space, or Work Profile, App Shielding cannot verify if a keyboard or screen reader is trusted or not, because Android does not reveal that information to apps running in a Private Space or Work Profile. Thus, if Block untrusted screenreaders is enabled (that is the default configuration) and the application runs inside a Private Space or a Work Profile, App Shielding blocks any screen reader, whether it is trusted or not. |
Exit on Private Space | Determines whether to exit the app when the application is launched from inside a Private Space or Work Profile. Depends on: Check Private Space or Work Profile |
Exit on Private Space URL | The URL of a web page with an explanation to launch when the application is shut down because it was launched from a Private Space. For more information, see Exit URL Launching on Android. Depends on: Exit on Private Space |
App in Virtual Space | |
Check app in virtual space | Checks if the application is launched via a virtual space app. If this option is enabled, App Shielding will detect if the application was launched as a copy inside applications such as Parallel Space, Dual Space, or similar. |
Exit on app in virtual space | Determines whether to exit the app when the application is launched via a virtual space app. Depends on: Check app in virtual space |
Exit on app in virtual space URL | The URL of a web page with an explanation to launch when the application is shut down because it was launched via a virtual space app. For more information, see Exit URL Launching on Android. Depends on: Exit on app in virtual space |
Trusted Virtual Space App Signatures | This option allows adding the signing certificate of a trusted virtual space app to an allowlist. With this, App Shielding accepts all virtual space apps signed with this certificate. You can add multiple certificates with the Trusted Virtual Space App Signatures option to include multiple apps to the allowlist. Add each certificate in a new line of this input field to allow multiple applications! Depends on: Check app in virtual space |
Android Debug Bridge | |
Check adb status | Checks if adb is active on the device. |
Exit when adb enabled | Determines whether to exit the app if adb is enabled on the device. Depends on: Check adb status |
Exit when adb enabled URL | The URL of a web page with an explanation to launch when the application is shut down because adb is enabled on the device. For more information, see Exit URL Launching on Android. Depends on: Exit when adb enabled |
Java Debugger | |
Block Java debugger | Block Java debuggers from attaching to the app. During development, this setting may cause development tools to behave in unexpected ways, and this option should only be used for production builds (release versions). In production versions of App Shielding this option is always enabled and cannot be disabled. |
Check Java debugger | Checks if a Java-level debugger is attached to the application. We recommend also using the Block Java debugger option, as this will already prevent any debuggers from attaching to the application's process. This feature may be useful in cases where blocking the Java debugger interface fails. |
Exit on Java debugger | Enable to exit the application when a debugger is attached. If the Block Java Debugger option is enabled, this is unlikely, but can happen if the Android system is modified or otherwise incompatible with the current blocking mechanism. |
Exit on Java debugger URL | The URL of a web page with an explanation to launch when the application is shut down because a debugger has been detected. For more information, see Exit URL Launching on Android. Depends on: Exit on debugger |
Developer Options | |
Check developer options | Checks if Developer Options is enabled on the device. |
Exit when developer options enabled | Determines whether to exit the app if Developer Options is enabled. Depends on: Check developer options |
Exit when developer options enabled URL | The URL of a web page with an explanation to launch when the application is shut down because Developer Options is enabled on the device. For more information, see Exit URL Launching on Android. Depends on: Check developer options |
Emulator | |
Check emulator | Checks if the application is run in an emulator, the official Android SDK emulators, or typical virtualization environments. |
Exit on emulator | Determines whether to exit the app when it is running in an emulator. |
Exit on emulator URL | The URL of a web page with an explanation to launch when the application is shut down because the app is run in an emulator. For more information, see Exit URL Launching on Android. Depends on: Exit on emulator |
Emulated Input | |
Check Emulated Input | Checks if the input to the application is emulated or physical. Non-physical inputs (motion events) are characterized as emulated input. By default, this option is enabled in the OneSpan Mobile Portal Configuration page. |
Block emulated input | Blocks emulated input that is injected into the screen. Input from all sources except physical input will be blocked. By default, this option is disabled in the OneSpan Mobile Portal Configuration page. When you enable Block emulated input, the portal displays the Emulated input threshold field where you can enter a number. The recommended value for this threshold is between 30 and 35. By default, this value is set to 31. For more information, see Emulated input. Depends on: Check Emulated Input |
Emulated input threshold | App Shielding assigns a score value for each input to determine if the input is emulated. Any input scores above this threshold will be considered as emulated. The recommended threshold is between 30 and 35. When you enable the Block emulated input option, the OneSpan Mobile Portal displays this field, and you can enter the required number. By default, this is set to 31. |
Exit on Emulated Input | Determines whether to exit the app when emulated input is detected. By default, this option is disabled in the OneSpan Mobile Portal Configuration page. Depends on: Check Emulated Input |
Exit on Emulated Input URL | The URL of a web page with an explanation to launch when the application is shut down because emulated input injection has been detected. For more information, see Exit URL Launching on Android. Depends on: Exit on Emulated Input |
Screen mirroring | |
Check screen mirroring | Checks for external screens, or screen mirroring such as ChromeCast, MiraCast, AllShare Cast, Samsung Smart View, and others. Screen mirroring and detection of screen mirroring is available for Android 4.2 (API level 17) and later. |
Block screen mirroring | Block external screens by drawing an empty view or a customized layout on the secondary displays (see App Shielding screen mirroring). The Check screen mirroring option must be enabled for block screen mirroring to work. When active mirroring is detected, the blocking functionality prevents screen rotation and thus flickering for the duration of the rotation. This flickering would otherwise show the original screen on the projected display. Depends on: Check screen mirroring |
Additional Display Name | This setting allows adding a trusted display by entering one or several additional display names in this input field to avoid false positive screen mirroring or screen sharing detection. By default, this field is empty on the Configuration page in the OneSpan Mobile Portal. |
Trusted Keyboard | |
Check trusted keyboard | Checks if the currently used software keyboard is trusted. By default, all system installed keyboards are trusted. It is possible to add specific trusted third-party keyboards using the Additional trusted keyboard signatures option. |
Exit on untrusted keyboard | Determines whether to exit the app when the currently used software keyboard is untrusted. Depends on: Check trusted keyboard |
Exit on untrusted keyboard URL | The URL of a web page with an explanation to launch when the application is shut down because an untrusted keyboard has been detected. For more information, see Exit URL Launching on Android. Depends on: Exit on untrusted keyboard |
Trusted keyboards | With this option you can add the signing certificate of a trusted software keyboard to an allowlist. All keyboards signed with this certificate would then be accepted by App Shielding. You can add multiple trusted keyboards to the allowlist. Add each signature in a new line of this input field to add multiple signatures! Depends on: Check trusted keyboard Please contact OneSpan Support if you need to validate the values for this option. |
Trusted Screenreaders | |
Check trusted screenreaders | Checks if any currently active screen readers are trusted. If this option is enabled, any screen readers that are installed but not used will not be considered. It is possible to add trusted third-party screen readers to an allowlist by using the Trusted screenreaders option. |
Block untrusted screenreaders | Blocks screenreaders if a currently active untrusted screen reader is found. Blocking works in two scenarios:
If an untrusted screenreader is detected, all screenreaders will be blocked because it is impossible to block screenreaders selectively. Depends on: Trusted screenreaders |
Exit on untrusted screenreaders | Determine whether to exit the app when one or more of the active screen readers are untrusted. Depends on: Check trusted screen readers |
Exit on untrusted screenreaders URL | The URL of a web page with an explanation to launch when the application is shut down because an untrusted screen reader has been detected. For more information, see Exit URL Launching on Android. Depends on: Exit on untrusted screenreaders |
Trusted screenreaders | Hash of the certificate of a trusted screen reader's signatures. Depends on: Trusted screenreaders Please contact OneSpan Support if you need to validate the values for this option. |
Tapjacking | |
Check tapjacking | Checks if the input to the application is obscured by a non-system overlay. |
Block tapjacking | This option prevents input from being dispatched to the application when a non-system overlay is detected on the screen. If your application uses a legitimate overlay window, we recommend keeping this configuration option disabled and implement the event blocking yourself to allow for exceptions. For more information, refer to the Android Developer documentation. |
Block non-system overlays | On Android 12 (API level 31) and later, this option prevents non-system overlays from appearing over the application and removes any existing overlays when the application is in use. If your app uses a legitimate overlay window, we recommend keeping this configuration option disabled and implement the event blocking yourself to allow for exceptions. |
Shutdown Immediately | Determine whether to exit the app immediately when a security policy problem is detected. For more information, see Shutdown immediately. |
Advanced debug guard | Executes security checks to ensure authenticity of the App Shielding guard component. If enabled, App Shielding sends secret commands to the guard component and expects predefined results. It prevents usage of third party debuggers, even if the guard component is circumvented. This option might have a negative effect on performance during runtime. |
Binding | |
Limit binding on classes | Reduce the number of bindings per class to a minimum. This stops extraction after the first class binding has been extracted. This option speeds up the application startup, however it also reduces the security provided by App Shielding. When using this option, less data can be bound. Use this option only if the number of bindings is very high and it slows down the application startup. |
Limit binding on methods | Reduce the number of bindings per method to a minimum. This stops binding extraction inside a specific method after a binding has already been extracted. This option speeds up the application startup, however it also reduces the security provided by App Shielding. Enabling Limit binding on classes also implies that Limit binding on methods is enabled. When using this option, less data can be bound. Use this option only if the number of bindings is very high and it slows down the application startup. |
Push binding | Limits the push binding that is performed upon application startup. This option speeds up the application startup, however it also reduces the security provided by App Shielding. When using this option, only one binding method is used (pull binding), and thus less data can be bound. Use this option only, if the number of push bindings is very high, and if it slows down the application startup. |
Architecture support | |
Add support of architectures automatically | If you select Automatic, App Shielding will try to determine the supported architectures by searching for native libraries present in the application. If no native libraries are present, all platforms will be supported. |
PIPL Support | |
PIPL Support | Enables support to comply with China’s Personal Information Protection Law (PIPL) for app distribution in China. If enabled, postpones certain checks either partially or fully. For more information, see Integrate App Shielding for App Distribution in China. |
PIPL Support without Consent Activity | Disables PIPL consent activity. Integrators are still able to notify App Shielding of granted consent through the SDK. This configuration option is intended for applications with a single-activity architecture. |
Updatable configuration | |
Updatable configuration | Determines whether the app will use the Automatic Configuration feature. When App Shielding has been integrated in existing apps, the Automatic Configuration feature allows you to deploy a new configuration of App Shielding without the need to re-deploy and re-publish the apps through the various app distribution channels. For more information, see App Shielding configuration. |
Additional notes
QUERY_ALL_PACKAGES permission
With the declaration of the Query All Packages permission configuration option, Google restricts apps and packages from viewing other apps / packages installed on an Android device.
As of July 2022, Google Play has restricted the use of privacy sensitive Android permissions, such as QUERY_ALL_PACKAGES, for all new apps or app updates submitted.
An app with this permission can see and access details of all other installed apps on the device.
App Shielding does not require this permission by default, however, one feature — checkUntrustedInstaller — requires the QUERY_ALL_PACKAGES permission to work correctly.
The checkUntrustedInstaller configuration option is intended to be used for apps that require PCI compliance. When this feature is enabled, App Shielding will check if any apps are either side-loaded or installed from non-trusted app sources. This check is performed inside the app, and fundamentally depends on the QUERY_ALL_PACKAGES permission in order to work.
If an application needs to use the QUERY_ALL_PACKAGES permission, or otherwise requires the checkUntrustedInstaller configuration option to be enabled, then the application owner needs to use the Declaration Form in Google Play Console to get acceptance for using this permission.
If the application owner does not submit a declaration form, or if the permission has not been granted, any app updates may be rejected, or the application may be removed from Google Play.
The Shielding Tool normally enables required permissions automatically by default. However, the Shielding Tool will only enable QUERY_ALL_PACKAGES if both the queryAllPackagesPermission and checkUntrustedInstaller are enabled.
Only enable the queryAllPackagesPermission configuration option if this has been explicitly granted by Google Play.
Reference links: QUERY_ALL_PACKAGES Permission, Package visibility filtering on Android.
OneSpan strongly recommends reading the reference links before setting this value. If queryAllPackagesPermission is enabled, the Shielding Tool will insert android.permission.QUERY_ALL_PACKAGES permission to AndroidManifest.xml. Enabling the queryAllPackages permission is going to indicate to App Shielding and the Shielding Tool that the permission is granted by Google Play Console.
If the Query All Packages permission is disabled but e.g. the checkUntrustedInstaller check is switched on, the shielding of the application will fail because the checkUntrustedInstaller requires the Query All Packages permission to be enabled. In contrast, if both settings are either enabled or both are disabled, the shielded .apk file can be downloaded from the OneSpan Customer Portal or OneSpan Mobile Portal.
Application signer certificate
This option defines the signer certificate(s) that App Shielding trusts when checking for repackaging. When App Shielding verifies the signature of the application, it validates if the configured certificate(s) match. That is, App Shielding assumes the app has been repackaged if the certificate used to sign the app does not match any of the certificates provided here.
You can upload up to 10 custom certificates. This allows you to sign applications from different environments via the submitted configuration after the application has been shielded.
In the following scenarios, some of the uploaded certificates will be removed from your configuration:
When you use App Shielding as of version 7.3.1-a and upload multiple certificates but then change to an earlier version of App Shielding, you must select which certificate to keep, the other certificates will be removed.
When you have uploaded multiple certificates but select in your configuration Application signer certificate > Original certificate, all the uploaded certificates will be deleted and App Shielding adds the original certificate.
The format of the certificates can be the PEM or Base64-encoded DER version of the certificate, or one of the following values:
Custom certificate
Default value. Resolves to the signing certificate configured for the Shielding Tool if the Shielding Tool will sign the target app. For more information, see Signing the Application on Android. If the Shielding Tool will not sign the app, then the original certificate is used. Otherwise, an error is thrown.
Original certificate
Inserts the original certificate, if the original application is already signed. If the application is not signed, or the Shielding Tool fails to extract the certificate, an error is thrown.
The public certificates can be safely extracted from the keystore you will use to sign the app. Upload the certificates in .pem, .der or .cer format. Certificates can be exported from the keystore with the following command:
keytool –keystore $keystore_file –storepass $keystore_password –alias $keyname –exportcert –rfc –file cert.pemIf the original application is already signed, it is possible to insert the original certificate with the corresponding option.
Shutdown immediately
This option determines whether to exit the app immediately when a security policy problem is detected. If this option is enabled, the app will simply exit as soon as possible. If this option is disabled, an error reporting will be processed, andApp Shielding will throw a Java exception and give the user a 30-second grace period to report the problem to Google Play.
A 30-second grace period gives an attacker a time window to perform an attack on the app, even after the app has shut down. However, shutting down immediately may have some side effects such as Android re-launching the app. This may lead to the app launching and exiting in an infinite loop on most Android devices and should therefore be used with care.
For more information about error reporting, see App Shielding Error Reporting on Android.
Launch performance
With very large apps, launch times can suffer from having a very large number of bindings. The purpose of binding is first and foremost to ensure that the app cannot be decoupled from App Shielding to run the app in a less secure manner. However, after a certain point of adding bindings, no real value or benefit is added from a security point of view.
If the app becomes too slow during launch, the following options can be explored to reduce the number of bindings extracted:
Limit binding on classes
Limit binding on methods
Disable push binding
The options to limit bindings per class and method minimize the number of bindings per class and method, respectively, ensuring that there is at least one such binding. This will reduce the number of bindings significantly for most apps, and at the same time retain a good distribution of bindings.
The downside of using these options is that constants such as strings are not as aggressively removed from the code, which reduces the obfuscation side-effect of binding.
Least Recently Used Cache
To further improve performance, you can also use the bindingCache option in a rules file to specify which percentage of pull bindings to store in a Least Recently Used (LRU) cache. For example:
bindingCache { max-size 4% }Without an LRU cache in place, every retrieval of a pull binding value requires a call to a native method. This is more secure but comes with a performance cost. With the LRU cache enabled, the most recently used strings are stored on the Java side after their initial retrieval, reducing the number of native calls.
A good cache size depends on the application and how it uses strings, but 4% is a good starting point. If you integrate a debug version of App Shielding (using the --debug command line option), you can monitor the cache activity in the logs and adjust the max-size based on your findings.
A cache log looks like the following example:
03-10 12:57:53.033 26159 26184 D ShieldSDK: Pull bindings
LruCache[maxSize=185,hits=416,misses=110,hitRate=79%]The logs contain the following information:
Configuration options | |
Data | Description |
|---|---|
maxSize | The size of the cache, which depends on the number of pull bindings and the configured max-size percentage. |
hits | The number of strings found in the cache. |
misses | The number of times the cache needed to ask the native code for a string. |
hitRate | The percentage of calls that were hits. This should be neither too high (i.e., too much is being cached) nor too low (i.e., there is no performance gain). |
Was this article helpful?