I recently published an application on Google Play, and I received an email from the Google Play team which says: ...and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user’s device, and may be considered to be in violation of our Malicious Behavior policy.

Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.

Vulnerability : TrustManager

My application was developed with Flutter...

I really don't know how to fix this, if you can help me.

pubspec.yaml

name: ...
description: ...

version: 1.0.1+2

environment:
  sdk: ">=2.1.0 <3.0.0"

dependencies:
  flutter:
    sdk: flutter

  # The following adds the Cupertino Icons font to your application.
  # Use with the CupertinoIcons class for iOS style icons.
  cupertino_icons: ^0.1.2

  #bottom_navy_bar: ^5.3.2
  http: ^0.12.2
  shared_preferences: ^0.5.6+1
  location: ^2.3.5
  sqflite: ^1.2.0
  path_provider: ^1.6.0
  image_picker: ^0.6.3+1
  intl: ^0.16.1
  country_code_picker: ^1.2.4

  multi_image_picker: ^4.6.1

  firebase_auth: ^0.16.1
  image_cropper: ^1.2.1
  validators: ^2.0.0+1
  firebase_messaging: ^6.0.9
  esys_flutter_share: ^1.0.2
  photo_view: ^0.9.1
  material_design_icons_flutter: ^3.4.4895
  url_launcher: ^5.4.1
  cached_network_image: ^2.0.0
  encrypt: ^4.0.0
  flutter_local_notifications: ^1.1.6
  r_scan: ^0.1.3+2
  permission_handler: ^4.2.0+hotfix.3
  native_contact_picker: ^0.0.6
  qr_utils:
    path: packages/qr_utils
  libphonenumber: ^1.0.1
  flutter_cache_manager: ^1.1.3
  csv: ^4.0.3
  excel: ^1.0.2
  pdf: ^1.5.0
  printing: any
  flutter_swiper: ^1.1.6
  flutter_rating_bar: ^3.0.1+1
  flutter_native_admob: ^2.1.0

dev_dependencies:
  flutter_test:
    sdk: flutter

flutter:

  uses-material-design: true

  assets:
    - assets/images/

code

String url = "https://exemple.com/resources/users/1";
try {
    final response = await http.get(url);
    if (response.statusCode == 200) {
        // parse user
    }
} on SocketException {
} catch (ex) {
    print(ex.toString());
}
return null;

flutter doctor

[√] Flutter (Channel stable, v1.17.3, on Microsoft Windows [version 10.0.10240], locale fr-FR)
    • Flutter version 1.17.3 at C:\souces\flutter
    • Framework revision b041144f83 (8 weeks ago), 2020-06-04 09:26:11 -0700
    • Engine revision ee76268252
    • Dart version 2.8.4

[√] Android toolchain - develop for Android devices (Android SDK version 30.0.0)
    • Android SDK at D:\android\android-sdk-windows
    • Platform android-30, build-tools 30.0.0
    • ANDROID_HOME = D:\android\android-sdk-windows
    • Java binary at: C:\Program Files\Android\Android Studio\jre\bin\java
    • Java version OpenJDK Runtime Environment (build 1.8.0_242-release-1644-b01)
    • All Android licenses accepted.

[√] Android Studio (version 4.0)
    • Android Studio at C:\Program Files\Android\Android Studio
    • Flutter plugin version 46.0.2
    • Dart plugin version 193.7361
    • Java version OpenJDK Runtime Environment (build 1.8.0_242-release-1644-b01)

[√] VS Code (version 1.46.0)
    • VS Code at C:\Users\User\AppData\Local\Programs\Microsoft VS Code
    • Flutter extension version 3.12.2

[√] Connected device (1 available)
    • TECNO WX4 • 0257309828005184 • android-arm • Android 7.0 (API 24)

• No issues found!
elikyalk

1 Answer

It's probably caused by the r_scan library, as it uses a custom implementation of the X509TrustManager. See this issue.

Derek K
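
The answer above points at a dependency that ships its own X509TrustManager. As an added example (not code from the original post or from r_scan), this Python scanner checks the Android Java sources of an app's plugins for a `checkServerTrusted` that neither throws nor delegates to another trust manager. The sample sources, file names and the heuristic itself are constructed assumptions.

```python
import re

# Constructed Java sources for illustration (not taken from r_scan or any real plugin).
SAMPLES = {
    "plugin_a/TrustAll.java": """
        class TrustAll implements X509TrustManager {
            public void checkServerTrusted(X509Certificate[] c, String a)
                    throws CertificateException {
                // accept everything
            }
            public X509Certificate[] getAcceptedIssuers() { return null; }
        }""",
    "plugin_b/Delegating.java": """
        class Delegating implements X509TrustManager {
            public void checkServerTrusted(X509Certificate[] c, String a)
                    throws CertificateException {
                system.checkServerTrusted(c, a);  // platform validation still runs
            }
        }""",
    "plugin_c/Util.java": "class Util { int add(int a, int b) { return a + b; } }",
}

DECL = re.compile(r"checkServerTrusted\s*\([^)]*\)\s*(?:throws\s+[\w.,\s]+?)?\{")
COMMENT = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)

def method_body(src, open_idx):
    """Return the text between the '{' at open_idx and its matching '}'."""
    depth = 0
    for i in range(open_idx, len(src)):
        depth += {"{": 1, "}": -1}.get(src[i], 0)
        if depth == 0:
            return src[open_idx + 1:i]
    return src[open_idx + 1:]

def unsafe_trust_managers(sources):
    """Return paths whose checkServerTrusted neither throws nor delegates."""
    flagged = []
    for path, src in sources.items():
        if "X509TrustManager" not in src:
            continue
        code = COMMENT.sub("", src)  # heuristic: ignores comment markers inside strings
        for m in DECL.finditer(code):
            body = method_body(code, m.end() - 1)
            if "throw" not in body and "checkServerTrusted" not in body:
                flagged.append(path)
                break
    return flagged

if __name__ == "__main__":
    print(unsafe_trust_managers(SAMPLES))
```

To run it on a real project, build the `sources` dict from the `.java` files under each plugin's `android/` directory; a flagged file is a candidate for review, not proof of the issue Google Play reported.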