From b37498d5f61faf37c5cbe7ca58f004ceacdffb0f Mon Sep 17 00:00:00 2001
From: Joe Bowser <bowserj@apache.org>
Date: Tue, 14 Oct 2014 10:11:09 -0700
Subject: [PATCH] Replacing Math.random() with something a little more random.

---
 framework/src/org/apache/cordova/CordovaBridge.java | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/framework/src/org/apache/cordova/CordovaBridge.java b/framework/src/org/apache/cordova/CordovaBridge.java
index 081127d5..a6ebebbd 100644
--- a/framework/src/org/apache/cordova/CordovaBridge.java
+++ b/framework/src/org/apache/cordova/CordovaBridge.java
@@ -18,6 +18,8 @@
 */
 package org.apache.cordova;
 
+import java.security.SecureRandom;
+
 import org.apache.cordova.PluginManager;
 import org.json.JSONArray;
 import org.json.JSONException;
@@ -107,7 +109,8 @@ public class CordovaBridge {
 
     /** Called by cordova.js to initialize the bridge. */
     int generateBridgeSecret() {
-        expectedBridgeSecret = (int)(Math.random() * Integer.MAX_VALUE);
+        SecureRandom randGen = new SecureRandom();
+        expectedBridgeSecret = (int)(randGen.nextInt() * Integer.MAX_VALUE);
         return expectedBridgeSecret;
     }