由于 HostnameVerifier 问题,Google 拒绝了应用

Google rejected app because of HostnameVerifier issue(由于 HostnameVerifier 问题,Google 拒绝了应用)
本文介绍了由于 HostnameVerifier 问题,Google 拒绝了应用的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

Updated my app to trust all certificates in volley for sdk 17 and below as volley works fine without hostname verifier for higher sdk. It worked fine but google rejected my app update saying

Your app(s) are using an unsafe implementation of the HostnameVerifier interface.

I am using the following code

TrustManager[] trustAllCertsc = new TrustManager[] { new X509TrustManager() {
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return null;
        }
        public void checkClientTrusted(X509Certificate[] certs, String authType) {
        }
        public void checkServerTrusted(X509Certificate[] certs, String authType) {
        }
    } };
    SSLContext scc = null;
    try {
        scc = SSLContext.getInstance("SSL");
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }
    try {
        scc.init(null, trustAllCertsc, new java.security.SecureRandom());
    } catch (KeyManagementException e) {
        e.printStackTrace();
    }
    HttpsURLConnection.setDefaultSSLSocketFactory(scc.getSocketFactory());
    // Create all-trusting host name verifier
    HostnameVerifier allHostsValidc = new HostnameVerifier() {
        public boolean verify(String hostname, SSLSession session) {
            return true;
        }
    };
    // Install the all-trusting host verifier
    HttpsURLConnection.setDefaultHostnameVerifier(allHostsValidc);

解决方案

Delete all of that code. You will fail multiple Play Store checks (HostnameVerifier and an accept-all TrustManager). Plus, the reason why the Play Store is rejecting your app is because, through this code, you are weakening app security.

这篇关于由于 HostnameVerifier 问题,Google 拒绝了应用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持编程学习网!

本站部分内容来源互联网,如果有图片或者内容侵犯您的权益请联系我们删除!

相关文档推荐

How to target newer versions in .gitlab-ci.yml using auto devops (java 11 instead of 8 and Android 31 instead of 29)(如何在.gitlab-ci.yml中使用自动开发工具(Java 11而不是8,Android 31而不是29)瞄准较新的版本)
Android + coreLibraryDesugaring: which Java 11 APIs can I expect to work?(Android+core LibraryDesugering:我可以期待哪些Java 11API能够工作?)
How to render something in an if statement React Native(如何在If语句中呈现某些内容Reaction Native)
How can I sync two flatList scroll position in react native(如何在本机Reaction中同步两个平面列表滚动位置)
Using Firebase Firestore in offline only mode(在仅脱机模式下使用Firebase FiRestore)
Crash on Google Play Pre-Launch Report: java.lang.NoSuchMethodError(Google Play发布前崩溃报告:java.lang.NoSuchMethodError)