Is it feasible to have a script downloaded from the web and executed on an Cordova app for the purpose of collect client data (UUID, for instance) and make a special API call to post those data to the backend and after that the script simply vanishes from the client app ?
The reason is I don't want eavesdroppers seeing my 'setup API call', but they may see my 'normal API call' because it will not work without the setup fase completed.
I don't want others to know of such strategy by reading my code.
Is it a doable strategy? Or am I hallucinating? I know it is not perfect from a security standpoint, but what is when you're dealing with cordova on android?