-
Notifications
You must be signed in to change notification settings - Fork 885
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CB-12809 android #179
CB-12809 android #179
Conversation
…und https://support.google.com/faqs/answer/6346016 Adding a check for the certificate that comes in when connecting to the server
…lay that can be found https://support.google.com/faqs/answer/6346016 Adding a check for the certificate that comes in when connecting to the server
@stevengill Can you please take a look at this |
…dova-plugin-file-transfer into fixingSecurityIssue
Those methods are there to ignore the certificates if you pass |
@jcesarmobile, I understand, but this is violating Google's play ToS and it clearly states that any new updates or apps using an unsafe implementation of TrustManager will be blocked. https://support.google.com/faqs/answer/6346016. Given that, any apps using this code would be in violation and could be blocked from the google store. |
Yeah, so the solution should be to deprecate |
+1 to @jcesarmobile's proposed solution. |
+1 to deprecation as well. |
Fixing a security issue which is banned by google play that can be found https://support.google.com/faqs/answer/6346016
Adding a check for the certificate that comes in when connecting to the server
Platforms affected
Android
What does this PR do?
Adds a check for the connection that gets created
What testing has been done on this change?
Ran the tests
Checklist