如题,提交应用的时候,google 给回了一封邮件: 大致内容如下:
Hello Google Play Developer,
We reviewed xxx, with package name xxxx, and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user’s device, and may be considered to be in violation of our Malicious Behavior policy.
Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.
SSL Error Handler For more information on how to address WebView SSL Error Handler alerts, please see this Google Help Center article.
我按照Google Help Center article 这个地址处理了我 onReceivedSslError
方法,跟服务器要了 https 证书的 sha256 指纹,然后比对错误证书的指纹是否和服务器的指纹一直,如果一直才去sslErrorHandler.proceed()
否则 sslErrorHandler.cancel()
。
提交之后,还是收到邮件反馈说是 ssl error handler,我也试了这里的方法stackoverflow 当出现错误的时候,弹出对话框询问用户是否继续访问,让用户决定,但是也没有用。
不知道 v 站的各位大佬有没有遇到这种情况。
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.