[英]Unsafe implementation of the HostnameVerifier interface - Android
Reason for app rejection on Play Store: Play 商店拒绝应用的原因:
Your app(s) are using an unsafe implementation of the HostnameVerifier interface.您的应用正在使用 HostnameVerifier 接口的不安全实现。 You can find more information about how to resolve the issue in this Google Help Center article.您可以在这篇Google 帮助中心文章中找到有关如何解决问题的更多信息。
Hello All,大家好,
I'm getting a HostnameVerifier issue by google play console when I upload the app to the play store.当我将应用程序上传到 Play 商店时,Google Play 控制台遇到了 HostnameVerifier 问题。 I've tried each and every solution that I've found on StackOverflow, but still, the issue is the same ie Your app(s) are using an unsafe implementation of the HostnameVerifier interface.我已经尝试了我在 StackOverflow 上找到的每一个解决方案,但问题仍然存在,即您的应用程序正在使用 HostnameVerifier 接口的不安全实现。
Also, I've gone through the google documentation for this issue but didn't get any luck.此外,我已经浏览了有关此问题的 google 文档,但没有任何运气。 Does anyone have a solution regarding this?有没有人对此有解决方案? Every help is appreciated每一个帮助表示赞赏
Below is my ServiceGenerator
class下面是我的ServiceGenerator
类
public class ServiceGenerator {
private static final String KEY_AUTH_HEADER = "Authorization";
private Context context;
private Retrofit.Builder builder;
private OkHttpClient.Builder httpClient;
HandshakeCertificates certificates;
ServiceGenerator(Context context) {
this.context = context;
final String dateFormat = "yyyy-MM-dd'T'HH:mm:ss'Z'";
httpClient = new OkHttpClient.Builder();
certificates = new HandshakeCertificates.Builder()
.addTrustedCertificate(AppConstants.SSL_CERTIFICATE_DEMO)
.addTrustedCertificate(AppConstants.SSL_CERTIFICATE_LIVE)
// Uncomment if standard certificates are also required.
.addPlatformTrustedCertificates()
.build();
// Install the all-trusting trust manager
final SSLContext sslContext;
try {
sslContext = SSLContext.getInstance("SSL");
sslContext.init(null, new X509TrustManager[]{certificates.trustManager()}, new java.security.SecureRandom());
final SSLSocketFactory sslSocketFactory = sslContext.getSocketFactory();
httpClient.sslSocketFactory(sslSocketFactory, certificates.trustManager());
httpClient.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
} catch (NoSuchAlgorithmException | KeyManagementException e) {
e.printStackTrace();
}
httpClient.connectTimeout(60, TimeUnit.SECONDS);
httpClient.readTimeout(60, TimeUnit.SECONDS);
HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
int cacheSize = 20 * 1024 * 1024; // 20 MB
Cache cache = new Cache(context.getCacheDir(), cacheSize);
logging.level(HttpLoggingInterceptor.Level.BASIC);
httpClient.cache(cache);
httpClient.addNetworkInterceptor(new Interceptor() {
@Override
public Response intercept(Chain chain) throws IOException {
Response originalResponse = chain.proceed(chain.request());
if (Functions.isConnected(context)) {
int maxAge = 60 * 2; // read from cache for 2 minute
return originalResponse.newBuilder()
.header("Cache-Control", "public, max-age=" + maxAge)
.build();
} else {
int maxStale = 60 * 60 * 24 * 28; // tolerate 4-weeks stale
return originalResponse.newBuilder()
.header("Cache-Control", "public, only-if-cached, max-stale=" + maxStale)
.build();
}
}
});
httpClient.addInterceptor(logging);
httpClient.addInterceptor(new HeaderInterceptor());
Gson gson = new GsonBuilder()
.setDateFormat(dateFormat)
.create();
builder = new Retrofit.Builder()
.baseUrl(Apis.HOST);
builder.addConverterFactory(GsonConverterFactory.create(gson));
}
class HeaderInterceptor implements Interceptor {
@Override
public Response intercept(Chain chain) throws IOException {
String authKey = "authKey";
if (PrefUtils.isUserLoggedIn(context) && PrefUtils.getUserFullProfileDetails(context) != null) {
authKey = PrefUtils.getUserFullProfileDetails(context).getAuthKey();
}
Request newRequest = chain.request().newBuilder()
.addHeader("auth-key", authKey)
.build();
return chain.proceed(newRequest);
}
}
public <S> S createService(Class<S> serviceClass) {
Retrofit retrofit = builder.client(httpClient.build()).build();
return retrofit.create(serviceClass);
}
}
Actually, this issue was due to Braintree SDK which was using HostnamVerifier.实际上,这个问题是由于使用 HostnamVerifier 的 Braintree SDK 造成的。 I've gone through this GitHub issue channel for Braintree and came to know that they had resolved that issue and I just need to update the SDK version and again upload the bundle to the play store.我已经浏览了 Braintree 的这个 GitHub 问题频道,并知道他们已经解决了这个问题,我只需要更新 SDK 版本并再次将捆绑包上传到 Play 商店。 This resolved my issue and was able to upload my app to the play store.这解决了我的问题,并且能够将我的应用程序上传到 Play 商店。
Whosoever is still looking for a better solution and didn't able to find it out anywhere then kindly go through this link and submit your issue details there, also please ask them to mention the name of the file which is causing this issue.任何人仍在寻找更好的解决方案并且无法在任何地方找到它然后请通过此链接并在那里提交您的问题详细信息,并请他们提及导致此问题的文件的名称。 They will revert you in the mail with the name of the file.他们会在邮件中回复您,并附上文件名。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.