我收到了来自Google的电子邮件,其中包含以下主题:Google Play Warning: SSL Error Handler Vulnerability". In this email, Google explains that my app has an ["unsafe implementation of the WebViewClient.onReceivedSslError handler"
这是我的方法实现(WebView Client):
public class MyBrowser extends WebViewClient {
boolean timeout;
public MyBrowser() {
timeout = true;
}
@Override
public void onPageStarted(WebView view, String url, Bitmap favicon) {
try {
progressBar.setVisibility(View.VISIBLE);
}catch(Exception e){
e.printStackTrace();
}
}
@Override
public boolean shouldOverrideUrlLoading(WebView view, String url) {
view.loadUrl(url);
return true;
}
public void onPageFinished(WebView view, String url) {
try{
progressBar.setVisibility(View.GONE);
webView.setVisibility(View.VISIBLE);
}catch(Exception e){
Log.e("Exception", e.toString());
Crashlytics.logException(e);
}
}
@Override
public void onReceivedError(WebView view, int errorCode,
String description, String failingUrl) {
isBack=true;
if (!CommonUtility.isNetworkAvailable()) {
view.loadUrl("file:///android_asset/error.html");
}
}
}
在第一次警告后,我从WebClient中删除了onReceivedSslError方法并上传了新版本,但我再次从Google Play收到了相同的警告。 他们建议我: - “看起来版本18仍然存在漏洞。请仔细检查您应用的清单文件,这次更加谨慎,以确保漏洞已经解决。”
这是我的清单文件: - (请帮助我摆脱这个问题)
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools"
package="in.test"
android:installLocation="auto"
android:versionCode="18"
android:versionName="2.0" >
<uses-sdk
android:minSdkVersion="14"
android:targetSdkVersion="21" />
<!-- GCM Permisssions -->
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" />
<!--
Creates a custom permission so only this app can receive its messages.
NOTE: the permission *must* be called PACKAGE.permission.C2D_MESSAGE,
where PACKAGE is the application's package name.
-->
<permission
android:name="in.Sptest.permission.C2D_MESSAGE"
android:protectionLevel="signature" />
<uses-permission android:name="android.permission.USE_CREDENTIALS" />
<uses-permission android:name="android.permission.GET_ACCOUNTS" />
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
<uses-permission android:name="android.permission.READ_CONTACTS" />
<uses-permission android:name="android.permission.RECEIVE_SMS" />
<uses-permission android:name="android.permission.READ_SMS" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.GET_TASKS" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<application
android:name=".application.TestApplication"
android:hardwareAccelerated="true"
android:icon="@drawable/logo"
android:label="@string/app_name"
tools:replace="android:icon,android:name" >
<activity
android:name=".LauncherScreen"
android:hardwareAccelerated="true"
android:label="@string/title_activity_main"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".MainActivity"
android:hardwareAccelerated="true"
android:label="@string/title_activity_main"
android:noHistory="false"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".URLActivity"
android:label="@string/app_name"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".SplashActivity"
android:label="@string/app_name"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".activities.ActivityIntro"
android:label="@string/app_name"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<activity
android:name=".Login_test"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".fragment.FragmentActivityNumberVerification"
android:icon="@drawable/app_icon"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".BrowserScreen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".activities.TermsActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".DataCardRecharge"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".UserFeedBack"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".PostpaidMobileRecharge"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".PrepaidMobileRecharge"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".Recharge"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".RailBooking"
android:label="@string/title_activity_launcher_screen"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ProfileDetails"
android:label="@string/title_activity_profile_details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".RailTransactionhistory"
android:label="@string/title_activity_transactionhistory"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".GetPhoneContact"
android:label="@string/title_activity_get_phone_contact"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".TariffPlans"
android:label="@string/title_activity_tariff_plans"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".TrnsactionHistory_Details"
android:label="@string/title_activity_trnsaction_history__details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".RailTrnsactionHistory_Details"
android:label="@string/title_activity_trnsaction_history__details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".MyProfile"
android:label="@string/title_activity_trnsaction_history__details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ZaakPAyResponse"
android:label="@string/title_activity_trnsaction_history__details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ZaakPAyResponseRailBooking"
android:label="@string/title_activity_trnsaction_history__details"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".RailTicket_PNR"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".PNRStatusDetails"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".RailTicket_History"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".activities.ActivityFavouriteDialog"
android:screenOrientation="portrait"
android:theme="@android:style/Theme.Translucent.NoTitleBar" />
<activity
android:name=".PassenderHistory"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" />
<!-- Copy below Activity Declarations inside <application></application> tag in AndroidManifest.xml of your application -->
<!-- Wallet SDK Activity Classes Start Here -->
<!-- Wallet SDK Activity Classes End Here -->
<activity
android:name=".TariffPlansActivity"
android:label="@string/title_activity_tariff_plans"
android:screenOrientation="portrait"
android:theme="@style/Theme.Tariff_plans" >
</activity>
<activity
android:name=".TransactionMessageActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".AboutActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ShareActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateHidden" >
</activity>
<activity
android:name=".ActivityLastRechargeList"
android:label="@string/title_activity_activity_last_recharge_list"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityNewInfo"
android:screenOrientation="portrait" >
</activity>
<activity
android:name=".ActivitySendMoney"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateHidden" >
</activity>
<activity
android:name=".ActivitySetTransactionPassword"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityReceivedMoneyDetails"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityTransactionHistory"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityRailBookingHistory"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityNotificationDialog"
android:screenOrientation="portrait"
android:theme="@android:style/Theme.Holo.Light.Dialog.NoActionBar" >
</activity>
<activity
android:name=".FirstActivity"
android:exported="true"
android:hardwareAccelerated="true"
android:label="@string/title_activity_main"
android:launchMode="singleTop"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".activities.OffersFragmentActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Transparent" >
</activity>
<activity
android:name=".RechargeActivity"
android:exported="true"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".RailActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateHidden|adjustPan" >
</activity>
<activity
android:name=".InviteActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" />
<activity
android:name="in.Sptestdeals.DealsActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.test" >
</activity>
<activity
android:name=".ActivityNotification"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name="in.Sptestdeals.DealDetailsActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.test"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name="com.Spdealmodule.activities.ActivityTransactionMessageTest"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
</activity>
<activity
android:name=".ActivityPaymentOptionsSelection"
android:screenOrientation="portrait"
android:theme="@style/Theme.test"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".activities.OpenURLInWebViewActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.test"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".activities.OpenInterestURLInWebViewActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Transparent" >
</activity>
<activity
android:name=".activities.ActivityOfferDetail"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".activities.ActivityAskFriend"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".activities.ActivityNoOffer"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name=".ActivitySavedCard"
android:screenOrientation="portrait"
android:theme="@style/Theme.test"
android:windowSoftInputMode="stateAlwaysHidden" >
</activity>
<activity
android:name="com.facebook.FacebookActivity"
android:configChanges="keyboard|keyboardHidden|screenLayout|screenSize|orientation"
android:label="@string/app_name"
android:theme="@android:style/Theme.Translucent.NoTitleBar" />
<service android:name=".service.AppInstallIntentService" >
</service>
<service android:name=".service.FetchtestListService" >
</service>
<receiver android:name="com.broadcastreceiver.WakefullReceiverAppInstall" >
<intent-filter android:priority="2147483647" >
<action android:name="android.intent.action.PACKAGE_ADDED" />
<action android:name="android.intent.action.PACKAGE_INSTALL" />
<action android:name="android.intent.action.PACKAGE_REMOVED" />
<data android:scheme="package" />
</intent-filter>
</receiver>
<receiver
android:name="com.broadcastreceiver.ServiceStarter"
android:exported="true" >
<intent-filter>
<action android:name="android.intent.action.BOOT_COMPLETED" />
<action android:name="android.intent.action.QUICKBOOT_POWERON" />
<action android:name="android.intent.action.REBOOT" />
</intent-filter>
</receiver>
<receiver android:name="com.broadcastreceiver.NetworkChangeReceiver" >
<intent-filter>
<action android:name="android.net.conn.CONNECTIVITY_CHANGE" />
</intent-filter>
</receiver>
<service android:name=".service.NetworkChangeIntentService" />
<!--
WakefulBroadcastReceiver that will receive intents from GCM
services and hand them to the custom IntentService.
The com.google.android.c2dm.permission.SEND permission is necessary
so only GCM services can send data messages for the app.
-->
<receiver
android:name="com.Sptest.gcm.GcmBroadcastReceiver"
android:permission="com.google.android.c2dm.permission.SEND" >
<intent-filter>
<!-- Receives the actual messages. -->
<action android:name="com.google.android.c2dm.intent.RECEIVE" />
<category android:name="in.Sptest" />
</intent-filter>
</receiver>
<receiver
android:name="com.broadcastreceiver.ReferrerCatcher"
android:exported="true" >
<intent-filter android:priority="2147483647" >
<action android:name="com.android.vending.INSTALL_REFERRER" />
</intent-filter>
</receiver>
<service android:name="com.Sptest.gcm.GcmIntentService" />
<service android:name=".service.ReferralIntentService" />
<service android:name="com.google.analytics.tracking.android.CampaignTrackingService" />
<service android:name=".service.SmsReadService" />
<provider
android:name="com.facebook.FacebookContentProvider"
android:authorities="com.facebook.app.FacebookContentProvider1450001738595564"
android:exported="true" />
<service android:name=".service.InAppNotificationService" />
<service android:name="com.Sptest.gcm.GCMRegistrationService" />
<!-- <meta-data -->
<!-- android:name="com.google.android.gms.version" -->
<!-- android:value="@integer/google_play_services_version" /> -->
<meta-data
android:name="io.fabric.ApiKey"
android:value="5423ec39674b4ed2b5891b52a2a7738b1fe69317" />
<meta-data
android:name="com.facebook.sdk.ApplicationId"
android:value="@string/facebook_app_id" />
<meta-data
android:name="com.facebook.sdk.ApplicationName"
android:value="@string/app_name" />
<activity
android:name=".SMSVerifyActivity"
android:screenOrientation="portrait"
android:theme="@style/Theme.Sherlock.Light.NoActionBar" >
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:host="www.Sptest.com"
android:pathPrefix="/scomm/vf"
android:scheme="https" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.VIEW" />
<category android:name="android.intent.category.DEFAULT" />
<category android:name="android.intent.category.BROWSABLE" />
<data
android:host="smsverify"
android:scheme="Sptest" />
</intent-filter>
</activity>
<activity
android:name="in.Testsdk.TestOffersListActivity"
android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize"
android:screenOrientation="portrait"
android:theme="@android:style/Theme.Translucent" >
</activity>
<service android:name="in.Testsdk.services.TestAppInstallIntentService" >
</service>
<service android:name="in.Testsdk.services.TestAppOpenService" >
</service>
<activity
android:name="in.Testsdk.TestOpenInterestActivity"
android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize"
android:screenOrientation="portrait"
android:theme="@style/Theme.Transparent" />
<activity
android:name="in.Testsdk.TestOpenURLInWebViewActivity"
android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize"
android:screenOrientation="portrait" >
</activity>
<receiver android:name="in.Testsdk.broadcastreceiver.WakefullReceiverAppInstall" >
<intent-filter android:priority="2147483647" >
<action android:name="android.intent.action.PACKAGE_ADDED" />
<action android:name="android.intent.action.PACKAGE_INSTALL" />
<action android:name="android.intent.action.PACKAGE_REMOVED" />
<data android:scheme="package" />
</intent-filter>
</receiver>
<activity
android:name=".RailPaymentWebViewActivity"
android:label="@string/title_activity_rail_payment_web_view"
android:screenOrientation="portrait">
</activity>
</application>
答案 0 :(得分:2)
虽然你已经删除了onReceivedSslError方法,但某些或其他库(如支付网关等)可能仍在使用内置的webview,因此你仍然会收到警告。检查所有库或更新它们。我希望这能解决你的问题!
答案 1 :(得分:-1)
您必须为onReceivedSslError方法提供正确的实现。这里回答Webview avoid security alert from google play upon implementation of onReceivedSslError