I have developed ReactNative mobile application, When I run security tests using [ImmuniWeb] report shows me that my application makes post request to 'https://www.googleapis.com/experimentsandconfigs/v1/getExperimentsAndConfigs'1 I have not used any of the google analytical tools or any other google cloud services in my application. One of the Example request is traced as below.
Date/Time: 16.05.2020 17:27 CEST
Requested URL: https://www.googleapis.com/experimentsandconfigs/v1/getExperimentsAndConfigs
Requested HTTP Headers:
User-Agent: Android/com.google.android.gms/16089022 (generic_x86 OSM1.180201.031); gzip
content-length: 1069
content-type: application/x-protobuf
Host: www.googleapis.com
Connection: Keep-Alive
Accept-Encoding: gzip
Response HTTP Headers:
Content-Type: application/octet-stream
Vary: Accept-Encoding
Date: Sat, 16 May 2020 15:27:24 GMT
Expires: Sat, 16 May 2020 15:27:24 GMT
Cache-Control: public, max-age=0
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
Alt-Svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Transfer-Encoding: chunked
content-length: 49581
I have also created dummy app to check the same it is reporting the same issue in security report. you can see the full report here. Security Report Can anyone please help me solving this? Thanks in advance.
