谷歌播放警告：WebViewClient.onReceivedSslError處理

我收到一封電子郵件從谷歌與下面的主題：Google Play Warning: SSL Error Handler Vulnerability". In this email, Google explains that my app has an ["unsafe implementation of the WebViewClient.onReceivedSslError handler"谷歌播放警告：WebViewClient.onReceivedSslError處理

這裏是我的方法實現（的WebView客戶端）：

public class MyBrowser extends WebViewClient { 
    boolean timeout; 
    public MyBrowser() { 
     timeout = true; 
    } 
    @Override 
    public void onPageStarted(WebView view, String url, Bitmap favicon) { 
     try { 

       progressBar.setVisibility(View.VISIBLE);     

     }catch(Exception e){ 
      e.printStackTrace(); 
     } 
    } 
    @Override 
    public boolean shouldOverrideUrlLoading(WebView view, String url) { 
     view.loadUrl(url); 
     return true; 
    } 

    public void onPageFinished(WebView view, String url) { 

     try{ 

     progressBar.setVisibility(View.GONE); 
     webView.setVisibility(View.VISIBLE); 

     }catch(Exception e){ 
      Log.e("Exception", e.toString()); 
      Crashlytics.logException(e); 
     } 

    } 

    @Override 
    public void onReceivedError(WebView view, int errorCode, 
           String description, String failingUrl) { 
     isBack=true; 
     if (!CommonUtility.isNetworkAvailable()) { 

      view.loadUrl("file:///android_asset/error.html"); 
     } 
    } 

}

第一次警告後，我從WebClient中刪除了onReceivedSslError方法並上傳了新版本，但我又收到了Google Play的相同警告。他們建議我： - 「看起來版本18仍然存在漏洞，請仔細重新檢查您的應用的清單文件，以確保漏洞已被解決。

這裏是我的清單文件： - （請幫我擺脫掉這個問題）

<?xml version="1.0" encoding="utf-8"?> 
<manifest xmlns:android="http://schemas.android.com/apk/res/android" 
xmlns:tools="http://schemas.android.com/tools" 
package="in.test" 
android:installLocation="auto" 
android:versionCode="18" 
android:versionName="2.0" > 

<uses-sdk 
    android:minSdkVersion="14" 
    android:targetSdkVersion="21" /> 

<!-- GCM Permisssions --> 
<uses-permission android:name="android.permission.WAKE_LOCK" /> 
<uses-permission android:name="com.google.android.c2dm.permission.RECEIVE" /> 

<!-- 
Creates a custom permission so only this app can receive its messages. 

NOTE: the permission *must* be called PACKAGE.permission.C2D_MESSAGE, 
     where PACKAGE is the application's package name. 
--> 
<permission 
    android:name="in.Sptest.permission.C2D_MESSAGE" 
    android:protectionLevel="signature" /> 

<uses-permission android:name="android.permission.USE_CREDENTIALS" /> 
<uses-permission android:name="android.permission.GET_ACCOUNTS" /> 
<uses-permission android:name="android.permission.INTERNET" /> 
<uses-permission android:name="android.permission.READ_PHONE_STATE" /> 
<uses-permission android:name="android.permission.READ_CONTACTS" /> 
<uses-permission android:name="android.permission.RECEIVE_SMS" /> 
<uses-permission android:name="android.permission.READ_SMS" /> 
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" /> 
<uses-permission android:name="android.permission.GET_TASKS" /> 
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" /> 



<application 
    android:name=".application.TestApplication" 
    android:hardwareAccelerated="true" 
    android:icon="@drawable/logo" 
    android:label="@string/app_name" 
    tools:replace="android:icon,android:name" > 
    <activity 
     android:name=".LauncherScreen" 
     android:hardwareAccelerated="true" 
     android:label="@string/title_activity_main" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".MainActivity" 
     android:hardwareAccelerated="true" 
     android:label="@string/title_activity_main" 
     android:noHistory="false" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".URLActivity" 
     android:label="@string/app_name" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".SplashActivity" 
     android:label="@string/app_name" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".activities.ActivityIntro" 
     android:label="@string/app_name" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
     <intent-filter> 
      <action android:name="android.intent.action.MAIN" /> 

      <category android:name="android.intent.category.LAUNCHER" /> 
     </intent-filter> 
    </activity> 
    <activity 
     android:name=".Login_test" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".fragment.FragmentActivityNumberVerification" 
     android:icon="@drawable/app_icon" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".BrowserScreen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".activities.TermsActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".DataCardRecharge" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".UserFeedBack" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".PostpaidMobileRecharge" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".PrepaidMobileRecharge" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".Recharge" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".RailBooking" 
     android:label="@string/title_activity_launcher_screen" 
     android:screenOrientation="portrait" 

     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ProfileDetails" 
     android:label="@string/title_activity_profile_details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".RailTransactionhistory" 
     android:label="@string/title_activity_transactionhistory" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".GetPhoneContact" 
     android:label="@string/title_activity_get_phone_contact" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".TariffPlans" 
     android:label="@string/title_activity_tariff_plans" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".TrnsactionHistory_Details" 
     android:label="@string/title_activity_trnsaction_history__details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".RailTrnsactionHistory_Details" 
     android:label="@string/title_activity_trnsaction_history__details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".MyProfile" 
     android:label="@string/title_activity_trnsaction_history__details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ZaakPAyResponse" 
     android:label="@string/title_activity_trnsaction_history__details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ZaakPAyResponseRailBooking" 
     android:label="@string/title_activity_trnsaction_history__details" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".RailTicket_PNR" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".PNRStatusDetails" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".RailTicket_History" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".activities.ActivityFavouriteDialog" 
     android:screenOrientation="portrait" 
     android:theme="@android:style/Theme.Translucent.NoTitleBar" /> 
    <activity 
     android:name=".PassenderHistory" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" /> 

    <!-- Copy below Activity Declarations inside <application></application> tag in AndroidManifest.xml of your application --> 
    <!-- Wallet SDK Activity Classes Start Here --> 

    <!-- Wallet SDK Activity Classes End Here --> 
    <activity 
     android:name=".TariffPlansActivity" 
     android:label="@string/title_activity_tariff_plans" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Tariff_plans" > 
    </activity> 
    <activity 
     android:name=".TransactionMessageActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".AboutActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ShareActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateHidden" > 
    </activity> 
    <activity 
     android:name=".ActivityLastRechargeList" 
     android:label="@string/title_activity_activity_last_recharge_list" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityNewInfo" 
     android:screenOrientation="portrait" > 
    </activity> 
    <activity 
     android:name=".ActivitySendMoney" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateHidden" > 
    </activity> 
    <activity 
     android:name=".ActivitySetTransactionPassword" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityReceivedMoneyDetails" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityTransactionHistory" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityRailBookingHistory" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityNotificationDialog" 
     android:screenOrientation="portrait" 
     android:theme="@android:style/Theme.Holo.Light.Dialog.NoActionBar" > 
    </activity> 


    <activity 
     android:name=".FirstActivity" 
     android:exported="true" 
     android:hardwareAccelerated="true" 
     android:label="@string/title_activity_main" 
     android:launchMode="singleTop" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".activities.OffersFragmentActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Transparent" > 
    </activity> 
    <activity 
     android:name=".RechargeActivity" 
     android:exported="true" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".RailActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
    android:windowSoftInputMode="stateHidden|adjustPan" > 
    </activity> 
    <activity 
     android:name=".InviteActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" /> 
    <activity 
     android:name="in.Sptestdeals.DealsActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.test" > 
    </activity> 
    <activity 
     android:name=".ActivityNotification" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name="in.Sptestdeals.DealDetailsActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.test" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name="com.Spdealmodule.activities.ActivityTransactionMessageTest" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
    </activity> 
    <activity 
     android:name=".ActivityPaymentOptionsSelection" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.test" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".activities.OpenURLInWebViewActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.test" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".activities.OpenInterestURLInWebViewActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Transparent" > 
    </activity> 
    <activity 
     android:name=".activities.ActivityOfferDetail" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".activities.ActivityAskFriend" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".activities.ActivityNoOffer" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name=".ActivitySavedCard" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.test" 
     android:windowSoftInputMode="stateAlwaysHidden" > 
    </activity> 
    <activity 
     android:name="com.facebook.FacebookActivity" 
     android:configChanges="keyboard|keyboardHidden|screenLayout|screenSize|orientation" 
     android:label="@string/app_name" 
     android:theme="@android:style/Theme.Translucent.NoTitleBar" /> 

    <service android:name=".service.AppInstallIntentService" > 
    </service> 
    <service android:name=".service.FetchtestListService" > 
    </service> 

    <receiver android:name="com.broadcastreceiver.WakefullReceiverAppInstall" > 
     <intent-filter android:priority="2147483647" > 
      <action android:name="android.intent.action.PACKAGE_ADDED" /> 
      <action android:name="android.intent.action.PACKAGE_INSTALL" /> 
      <action android:name="android.intent.action.PACKAGE_REMOVED" /> 

      <data android:scheme="package" /> 
     </intent-filter> 
    </receiver> 
    <receiver 
     android:name="com.broadcastreceiver.ServiceStarter" 
     android:exported="true" > 
     <intent-filter> 
      <action android:name="android.intent.action.BOOT_COMPLETED" /> 
      <action android:name="android.intent.action.QUICKBOOT_POWERON" /> 
      <action android:name="android.intent.action.REBOOT" /> 
     </intent-filter> 
    </receiver> 
    <receiver android:name="com.broadcastreceiver.NetworkChangeReceiver" > 
     <intent-filter> 
      <action android:name="android.net.conn.CONNECTIVITY_CHANGE" /> 
     </intent-filter> 
    </receiver> 

    <service android:name=".service.NetworkChangeIntentService" /> 

    <!-- 
     WakefulBroadcastReceiver that will receive intents from GCM 
     services and hand them to the custom IntentService. 

     The com.google.android.c2dm.permission.SEND permission is necessary 
     so only GCM services can send data messages for the app. 
    --> 
    <receiver 
     android:name="com.Sptest.gcm.GcmBroadcastReceiver" 
     android:permission="com.google.android.c2dm.permission.SEND" > 
     <intent-filter> 

      <!-- Receives the actual messages. --> 
      <action android:name="com.google.android.c2dm.intent.RECEIVE" /> 

      <category android:name="in.Sptest" /> 
     </intent-filter> 
    </receiver> 
    <receiver 
     android:name="com.broadcastreceiver.ReferrerCatcher" 
     android:exported="true" > 
     <intent-filter android:priority="2147483647" > 
      <action android:name="com.android.vending.INSTALL_REFERRER" /> 
     </intent-filter> 
    </receiver> 

    <service android:name="com.Sptest.gcm.GcmIntentService" /> 
    <service android:name=".service.ReferralIntentService" /> 
    <service android:name="com.google.analytics.tracking.android.CampaignTrackingService" /> 
    <service android:name=".service.SmsReadService" /> 

    <provider 
     android:name="com.facebook.FacebookContentProvider" 
     android:authorities="com.facebook.app.FacebookContentProvider1450001738595564" 
     android:exported="true" /> 

    <service android:name=".service.InAppNotificationService" /> 
    <service android:name="com.Sptest.gcm.GCMRegistrationService" /> 




    <!-- <meta-data --> 
    <!-- android:name="com.google.android.gms.version" --> 
    <!-- android:value="@integer/google_play_services_version" /> --> 
    <meta-data 
     android:name="io.fabric.ApiKey" 
     android:value="5423ec39674b4ed2b5891b52a2a7738b1fe69317" /> 
    <meta-data 
     android:name="com.facebook.sdk.ApplicationId" 
     android:value="@string/facebook_app_id" /> 
    <meta-data 
     android:name="com.facebook.sdk.ApplicationName" 
     android:value="@string/app_name" /> 

    <activity 
     android:name=".SMSVerifyActivity" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Sherlock.Light.NoActionBar" > 
     <intent-filter> 
      <action android:name="android.intent.action.VIEW" /> 

      <category android:name="android.intent.category.DEFAULT" /> 
      <category android:name="android.intent.category.BROWSABLE" /> 

      <data 
       android:host="www.Sptest.com" 
       android:pathPrefix="/scomm/vf" 
       android:scheme="https" /> 
     </intent-filter> 
     <intent-filter> 
      <action android:name="android.intent.action.VIEW" /> 

      <category android:name="android.intent.category.DEFAULT" /> 
      <category android:name="android.intent.category.BROWSABLE" /> 

      <data 
       android:host="smsverify" 
       android:scheme="Sptest" /> 
     </intent-filter> 
    </activity> 
    <activity 
     android:name="in.Testsdk.TestOffersListActivity" 
     android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize" 
     android:screenOrientation="portrait" 
     android:theme="@android:style/Theme.Translucent" > 
    </activity> 

    <service android:name="in.Testsdk.services.TestAppInstallIntentService" > 
    </service> 
    <service android:name="in.Testsdk.services.TestAppOpenService" > 
    </service> 

    <activity 
     android:name="in.Testsdk.TestOpenInterestActivity" 
     android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize" 
     android:screenOrientation="portrait" 
     android:theme="@style/Theme.Transparent" /> 
    <activity 
     android:name="in.Testsdk.TestOpenURLInWebViewActivity" 
     android:configChanges="keyboard|keyboardHidden|orientation|screenLayout|uiMode|screenSize|smallestScreenSize" 
     android:screenOrientation="portrait" > 
    </activity> 

    <receiver android:name="in.Testsdk.broadcastreceiver.WakefullReceiverAppInstall" > 
     <intent-filter android:priority="2147483647" > 
      <action android:name="android.intent.action.PACKAGE_ADDED" /> 
      <action android:name="android.intent.action.PACKAGE_INSTALL" /> 
      <action android:name="android.intent.action.PACKAGE_REMOVED" /> 

      <data android:scheme="package" /> 
     </intent-filter> 
    </receiver> 

    <activity 
     android:name=".RailPaymentWebViewActivity" 
     android:label="@string/title_activity_rail_payment_web_view" 
     android:screenOrientation="portrait"> 
    </activity> 
</application>

來源

2016-03-30 user1986760

你是否檢查過你正在使用的所有庫？也許一個類正在使用WebViewClient.onReceivedSslError處理程序！ –

這是最好的答案。 http://stackoverflow.com/a/36147896/1488066 – AndroidLad

您必須提供onReceivedSslError方法正確實施。回答這裏Webview avoid security alert from google play upon implementation of onReceivedSslError

來源

2016-03-31 06:53:46

我們已經刪除了'onReceivedSslError'不能繞過SSL，但仍然谷歌給我們的應用程序提醒。 –

雖然你已經刪除onReceivedSslError方法，一些或其他庫，如支付網關等可能仍然使用內置的web視圖，因此你仍然得到這個警告。檢查所有庫或更新它們。我希望這能解決你的問題！

來源

2016-04-12 05:46:20 prateek31

親愛的prateek，我已經檢查過，但沒有能夠在整個代碼中找到這個方法。你可以建議一些其他方式嗎？ – user1986760

親愛的prateek，以下是我在我們項目中使用的jar/aar文件： - 'com.google.android.gms：play-services：6.5.87' 'com.actionbarsherlock：actionbarsherlock：[email protected] ' 'com.facebook.android:facebook-android-sdk:4.1.0' Android的異步HTTP-1.4.6.jar' Android的viewbadger.jar ' AndroidSwipeLayout-v1.1.6.jar' libGoogleAnalyticsServices .jar' mobikwik_payment_android_sdk.jar'請引導我，如果他們中的任何人似乎是這個問題的罪魁禍首。 – user1986760

Mobikwik_payment_android_sdk.jar 確定此庫使用的是webview，並且是您看到此警告的原因。 – prateek31

谷歌播放警告：WebViewClient.onReceivedSslError處理

回答

相關問題