Google Play Store Security Alert

Discussion in 'General Discussion' started by rs91, Dec 11, 2015.

  1. Salvatore

    Salvatore Member

    Joined:
    Feb 3, 2015
    Messages:
    149
    Likes Received:
    23
    Need an update from @appyet team.
    Please help!


    Security alert

    Your application has an unsafe implementation of the WebViewClient.onReceivedSslErrorhandler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks. An attacker could change the affected WebView's content, read transmitted data (such as login credentials), and execute code inside the app using JavaScript.
    To properly handle SSL certificate validation, change your code to invokeSslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise. An email alert containing the affected app(s) and class(es) has been sent to your developer account address.

    Please address this vulnerability as soon as possible and increment the version number of the upgraded APK. For more information about the SSL error handler, please see our documentation in the Developer Help Center. For other technical questions, you can post to https://www.stackoverflow.com/questions and use the tags “android-security” and “SslErrorHandler.” If you are using a 3rd party library that’s responsible for this, please notify the 3rd party and work with them to address the issue.

    To confirm that you've upgraded correctly, upload the updated version to the Developer Console and check back after five hours. If the app hasn't been correctly upgraded, we will display a warning.
     
    #21
  2. max-de-bons-plans

    Joined:
    Feb 19, 2015
    Messages:
    33
    Likes Received:
    6
    "tunnel effect" nightmare of project management
     
    #22
    Salvatore likes this.
  3. appyet

    appyet Support Team Member
    Staff Member

    Joined:
    Feb 2, 2015
    Messages:
    1,329
    Likes Received:
    453
    it will be fixed in upcoming release in few days
     
    #23
    Abdoel and Salvatore like this.
  4. Salvatore

    Salvatore Member

    Joined:
    Feb 3, 2015
    Messages:
    149
    Likes Received:
    23
    Tanks for your job
     
    #24
  5. mundodequimeras

    mundodequimeras New Member

    Joined:
    Jun 11, 2015
    Messages:
    4
    Likes Received:
    0
    Someone lost the app in google play for this mistake? At the moment only it gives the warning.

    appyet, any solution?
     
    #25
  6. appyet

    appyet Support Team Member
    Staff Member

    Joined:
    Feb 2, 2015
    Messages:
    1,329
    Likes Received:
    453
    this will be fixed in up coming release in few days
     
    #26
  7. John89

    John89 New Member

    Joined:
    Feb 10, 2016
    Messages:
    29
    Likes Received:
    6
    Thanks Appyet Team.
     
    #27
  8. Antranix

    Antranix New Member

    Joined:
    Mar 6, 2015
    Messages:
    15
    Likes Received:
    1
    Hablas español???, ya encontraste alguna solución a esa alerta que pone Google Play?
     
    #28
  9. Salvatore

    Salvatore Member

    Joined:
    Feb 3, 2015
    Messages:
    149
    Likes Received:
    23
    No i abla ITALIANO. Solution cooming soon
     
    #29
  10. Salvatore

    Salvatore Member

    Joined:
    Feb 3, 2015
    Messages:
    149
    Likes Received:
    23
    this will be fixed in up coming release in few days
     
    #30
  11. edo

    edo Member

    Joined:
    Oct 5, 2015
    Messages:
    33
    Likes Received:
    3
    Now already 2017 and will be 2018 lol. Need front page with user name n password hehehe....
    Hi friend, what is our Group in Our 1Social app ? Long time I leave that
     
    #31
  12. appyet

    appyet Support Team Member
    Staff Member

    Joined:
    Feb 2, 2015
    Messages:
    1,329
    Likes Received:
    453
    @edo you bring up a old thread, this "unsafe implementation of the WebViewClient.onReceivedSslErrorhandler" should already fixed in current production version. Report back if it is still a issue
     
    #32
    krees likes this.
  13. edo

    edo Member

    Joined:
    Oct 5, 2015
    Messages:
    33
    Likes Received:
    3
    Yes, sorry. I bring up : need frontpage password.
    Regarding : "unsafe implementation of the WebViewClient.onReceivedSslErrorhandler", yes already solved long time ago, and thank you.
    Dont worry, I am very old user, using appyet, hahahaha
     
    #33
  14. edo

    edo Member

    Joined:
    Oct 5, 2015
    Messages:
    33
    Likes Received:
    3
    See in our 1Social, there is a user name and password.
    I want appyet like that.
     
    #34

Share This Page