Fix google play warnings (3 of them) in the android mobile app code
- or -
Post a project like this2830
$$
- Posted:
- Proposals: 10
- Remote
- #1214470
- Awarded
Wordpress|Webflow|Shopify|Wix|CRM|PHP|Android|iOS|Bespoke|App|Zoho|Laravel|SEO|PPC|Social|React|Node|Flutter|React Native|Magento|PWA|Plugin|Chrome Extention
Mohali
11245532132673367825730118859779610071008527119239011949611223614
Description
Experience Level: Intermediate
General information for the business: Mobile apps for android
Kind of development: Customization of existing program
Description of requirements/functionality: - Link to app code: https://db.tt/Zxmpn1cL
- Description - how does the app work:
After generating output in CMS, the mexp.xml file and the media.zip are created. They are data source for the app (they are both downloaded from the server).
The XML file contains all data (text, links ... ) and the zip file contains all the images (backgrounds, icons, thumbnails, etc.)
- Google Play warnings to fix:
1.) You are using a vulnerable version of libpng
- Action required: Migrate your app(s) to use libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher
2.) SSL Error Handler Vulnerability
- Your app have an unsafe implementation of the WebViewClient.onReceivedSslError handler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks
- change your code to invoke SslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise.
3.) You are using an unsafe implementation of X509TrustManager
- the implementation ignores all SSL certificate validation errors when establishing an HTTPS connection to a remote host
- To properly handle SSL certificate validation, change your code in the checkServerTrusted method of your custom X509TrustManager interface to raise either CertificateException or IllegalArgumentException whenever the certificate presented by the server does not meet your expectations.
Extra notes:
Kind of development: Customization of existing program
Description of requirements/functionality: - Link to app code: https://db.tt/Zxmpn1cL
- Description - how does the app work:
After generating output in CMS, the mexp.xml file and the media.zip are created. They are data source for the app (they are both downloaded from the server).
The XML file contains all data (text, links ... ) and the zip file contains all the images (backgrounds, icons, thumbnails, etc.)
- Google Play warnings to fix:
1.) You are using a vulnerable version of libpng
- Action required: Migrate your app(s) to use libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher
2.) SSL Error Handler Vulnerability
- Your app have an unsafe implementation of the WebViewClient.onReceivedSslError handler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks
- change your code to invoke SslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise.
3.) You are using an unsafe implementation of X509TrustManager
- the implementation ignores all SSL certificate validation errors when establishing an HTTPS connection to a remote host
- To properly handle SSL certificate validation, change your code in the checkServerTrusted method of your custom X509TrustManager interface to raise either CertificateException or IllegalArgumentException whenever the certificate presented by the server does not meet your expectations.
Extra notes:
Vedran P.
100% (225)Projects Completed
136
Freelancers worked with
112
Projects awarded
47%
Last project
8 May 2024
United Kingdom
New Proposal
Login to your account and send a proposal now to get this project.
Log inClarification Board Ask a Question
-
Dear Vedran ,
How are you ?
Hope you are doing great ...
I wanna to know where the issue arise from, whether on updating in Pay-store or downloading it from the store.
Can you give me the clear document please .
Hope to hear from you soon to move forward..
Thanks and Regards,
Shirley
Business Executive
60384
We collect cookies to enable the proper functioning and security of our website, and to enhance your experience. By clicking on 'Accept All Cookies', you consent to the use of these cookies. You can change your 'Cookies Settings' at any time. For more information, please read ourCookie Policy
Cookie Settings
Accept All Cookies