Kind of development: Customization of existing program
Description of requirements/functionality: - Link to app code: https://db.tt/Zxmpn1cL
- Description - how does the app work:
After generating output in CMS, the mexp.xml file and the media.zip are created. They are data source for the app (they are both downloaded from the server).
The XML file contains all data (text, links ... ) and the zip file contains all the images (backgrounds, icons, thumbnails, etc.).
- Google Play warnings to fix:
1.) You are using a vulnerable version of libpng
- Action required: Migrate your app(s) to use libpng v1.0.66, v.1.2.56, v.1.4.19, v1.5.26 or higher
2.) SSL Error Handler Vulnerability
- Your app have an unsafe implementation of the WebViewClient.onReceivedSslError handler. Specifically, the implementation ignores all SSL certificate validation errors, making your app vulnerable to man-in-the-middle attacks
- change your code to invoke SslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise.
3.) You are using an unsafe implementation of X509TrustManager
- the implementation ignores all SSL certificate validation errors when establishing an HTTPS connection to a remote host
- To properly handle SSL certificate validation, change your code in the checkServerTrusted method of your custom X509TrustManager interface to raise either CertificateException or IllegalArgumentException whenever the certificate presented by the server does not meet your expectations.
Vedran P.100% (191)
Login to your account and send a proposal now to get this project.Log in
Clarification Board Ask a Question
Can you share source code?
Thanks for the Invitation.
We have deployed many applications on app store.
- Can we have a quick discussion on the same so we can be your help?
Can I have a chat with your developer?
Lets discuss this in detail.
Any deadline for this project?