Android 審査でリジェクトくらった(SSL Error Handler)



Google Play Support

Hello Google Play Developer,
We rejected ***, with package name ***.., for violating our Malicious Behavior or User Data policy. If you submitted an update, the previous version of your app is still available on Google Play.
This app uses software that contains security vulnerabilities for users or allows the collection of user data without proper disclosure.
Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please upgrade your app(s) as soon as possible and increment the version number of the upgraded APK.
VulnerabilityAPK Version(s)Past Due Date
SSL Error Handler
For more information on how to address WebView SSL Error Handler alerts, please see this Google Help Center article.
1November 30, 2016
To confirm you’ve upgraded correctly, submit the updated version of your app to the Play Console and check back after five hours to make sure the warning is gone.
While these vulnerabilities may not affect every app that uses this software, it’s best to stay up to date on all security patches. Make sure to update any libraries in your app that have known security issues, even if you’re not sure the issues are relevant to your app.
Apps must also comply with the Developer Distribution Agreement and Developer Program Policies.
If you feel we have made this determination in error, please reach out to our developer support team.
The Google Play Team

SSL 証明書の確認を適切に処理してね。といっています。



webView.setWebViewClient(new WebViewClient() {

    public void onReceivedSslError(WebView view, SslErrorHandler handler, SslError error) {
        if (error.getPrimaryError() != SslError.SSL_UNTRUSTED) {
        } else {