得到了谷歌的警告玩。
我如何处理不安全实施WebViewClient.onReceivedSslError处理程序的SSL错误处理程序中的漏洞。
How can i handle "SSL Error Handler Vulnerability" of unsafe implementation of the WebViewClient.onReceivedSslError handler.
请尽快解决此漏洞并增加升级的APK的版本号。要正确处理SSL证书验证,改变你的code调用SslErrorHandler.proceed()每当证书$ P $由psented服务器满足您的期望,并调用SslErrorHandler.cancel(),否则。
"Please address this vulnerability as soon as possible and increment the version number of the upgraded APK. To properly handle SSL certificate validation, change your code to invoke SslErrorHandler.proceed() whenever the certificate presented by the server meets your expectations, and invoke SslErrorHandler.cancel() otherwise."
推荐答案
我收到了同样的警告今天,它告诉我,这个问题来自我的广告网络之一(的InMobi,我真的考虑放弃他们,因为他们有很多欺诈,自动重定向横幅,现在这个...)的SDK:
I have received the same warning today, and it informs me that the issue comes from the SDK of one of my ad networks (InMobi, I'm really considering dropping them as they have a lot of fraudulent, auto-redirect banners, and now this...):
com.inmobi.commons.analytics.iat.impl.net.AdTrackerWebViewLoader $ MyWebViewClient
什么是你的情况,受影响的班?如果是你自己的类之一,你必须阅读技术documentation并修复您的实现。
What is the affected class in your case? If it is one of your own classes, you'll have to read the technical documentation and fix your implementation.
如果像我一样,你是你的外部库之一的只是受害者,请联系开发商要求他们提供一个固定的库(或降库)。
If, like me, you are just the victim of one of your external libraries, contact the developers to ask them to provide a fixed library (or drop the library).
相关推荐
最新文章