-1

I got a warning message when I published my App to Google Play Store. It's about "JavaScript interface injection issue"

I think I should apply SSL to URL to solve this problem. But, I cannot apply SSL to URL... that's out of my hand.

Is there any way I can solve it?

My app’s min sdk 17 and targetsdk 27.

Ole V.V.
  • 81,772
  • 15
  • 137
  • 161
Hani
  • 140
  • 1
  • 6
  • So your WebView displays a html page that contains an http:// link. Where does the web page come from? – Robert Jan 16 '19 at 09:19
  • @Robert The web page come from our company. but They aren't modifying the web page any more. – Hani Jan 17 '19 at 00:27
  • OK, then it is not a technical problem you can solve. Tell them that willful ignorance comes at a price, the price that your app is dead because of them and you will loose customers/money because of them. Also write this in a letter to your upper management and see what happens ;) – Robert Jan 17 '19 at 07:40
  • I'm voting to close this question as off-topic because it is not a technical but an organizationally problem of the company the app belongs to. – Robert Jan 17 '19 at 07:41
  • I agree with your opinion .Thank you for suggestion. – Hani Jan 17 '19 at 08:09

1 Answers1

1

I solved it.

Link here. https://developer.android.com/training/articles/security-config#CleartextTrafficPermitted

Hope this will help.

<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<domain-config cleartextTrafficPermitted="true">
<domain includeSubdomains="true">secure.example.com</domain>
</domain-config>
</network-security-config>

If you provide https to URL. then you will change cleartextTrafficPermitted attribute to "false".

Hani
  • 140
  • 1
  • 6