Security alert received from Google play store

Discussion in 'General Discussion' started by RANJIT THAKOR, Jan 4, 2016.

  1. RANJIT THAKOR

    RANJIT THAKOR New Member

    Joined:
    Oct 3, 2015
    Messages:
    2
    Likes Received:
    0
    Maru gujarat

    Security alert

    Your application has an unsafe implementation of the WebViewClient.onReceivedSslError handler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks. An attacker could change the affected WebView's content, read transmitted data (such as login credentials), and execute code inside the app using JavaScript.

    To properly handle SSL certificate validation, change your code to invoke SslErrorHandler.proceed()whenever the certificate presented by the server meets your expectations, and invokeSslErrorHandler.cancel() otherwise. An email alert containing the affected app(s) and class(es) has been sent to your developer account address.

    Please address this vulnerability as soon as possible and increment the version number of the upgraded APK. For more information about the SSL error handler, please see our documentation in the Developer Help Center. For other technical questions, you can post tohttps://www.stackoverflow.com/questions and use the tags “android-security” and “SslErrorHandler.” If you are using a 3rd party library that’s responsible for this, please notify the 3rd party and work with them to address the issue.

    To confirm that you've upgraded correctly, upload the updated version to the Developer Console and check back after five hours. If the app hasn't been correctly upgraded, we will display a warning.

    Please note, while these specific issues may not affect every app that uses WebView SSL, it's best to stay up to date on all security patches. Apps with vulnerabilities that expose users to risk of compromise may be considered dangerous products in violation of the Content Policy and section4.4 of the Developer Distribution Agreement.

    Please ensure all apps published are compliant with the Developer Distribution Agreement andContent Policy. If you have questions or concerns, please contact our support team through theGoogle Play Developer Help Center.
     
    #1
  2. David S

    David S New Member

    Joined:
    May 11, 2015
    Messages:
    7
    Likes Received:
    0
    I've got the same issue, any work around for this?
     
    #2
  3. John89

    John89 New Member

    Joined:
    Feb 10, 2016
    Messages:
    29
    Likes Received:
    6
    News?
     
    #3
  4. megahz

    megahz Member

    Joined:
    Feb 15, 2015
    Messages:
    54
    Likes Received:
    9
    Hello, i got the same error @appyet can you offer an update that resolves this issue?
     
    #4
  5. Alessandro G.

    Alessandro G. Member

    Joined:
    Apr 22, 2015
    Messages:
    52
    Likes Received:
    2
    this error happens from months, probably @appyet don't know how to correct it...
     
    #5
  6. Antranix

    Antranix New Member

    Joined:
    Mar 6, 2015
    Messages:
    15
    Likes Received:
    1
    Apparently we already are multiple users with the same alert from Google Play, someone has found a solution ?
     
    #6
  7. DarShaN PanDya

    DarShaN PanDya Active Member

    Joined:
    Dec 11, 2015
    Messages:
    582
    Likes Received:
    104
    There's a Fix in the Upcoming Update! :)
    Wait for few Days! :D
     
    #7
  8. slamndar

    slamndar New Member

    Joined:
    Feb 5, 2015
    Messages:
    18
    Likes Received:
    0
    confirmed by appyet ?
     
    #8
  9. DarShaN PanDya

    DarShaN PanDya Active Member

    Joined:
    Dec 11, 2015
    Messages:
    582
    Likes Received:
    104

Share This Page