HostnameVerifier 您的应用程序正在使用 HostnameVerifier 接口的不安全 iImplementation。如何解决此问题？

Question

When I am uploading apk version I am getting HostnameVerifier error, Even I am not using Webview in my project I have commented my Webview all over the project

Answer 1

If you want solve this problem Read this

click here

• Action required

Sign in to your Play Console, and navigate to the Alerts section to see which apps are affected and the deadlines to resolve these issues. Update your affected apps and fix the vulnerability. Submit the updated versions of your affected apps.

Upon resubmission, your app will be reviewed again. This process can take several hours. If the app passes review and is published successfully, then no further action is required. If the app fails review, then the new app version will not be published and you will receive an email notification.

• Additional details

To properly handle hostname verification, change the implementation of your custom HostnameVerifier interface to perform the following actions:

If you are using the HostnameVerifier interface, change the implementation of the verify method to return false whenever the hostname of the server does not meet your expectations.

If you are using the X509HostnameVerifier interface, change the implementation of the verify methods (variants 1, 2, 3) to raise an SSLException whenever the hostname of the server does not meet your expectations. Ensure that the Exceptions raised within your verify implementation are not caught and suppressed within the method. Suppressing Exceptions in this manner would cause verify to exit normally, leading the app to trust all hostnames.

Also, do not pass AllowAllHostnameVerifier as an argument to setDefaultHostnameVerifier or setHostnameVerifier (eg, via SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER). AllowAllHostnameVerifier turns off hostname verification, thus making your app vulnerable to attack.