Articles in this section

See more

WebViewClient SSL Error Handler Alert by Google

Pavlos Kaimakis
  • Updated
Follow

Overview

You got a "WebViewClient SSL Error Handler" app alert from Google. This article explains why you got this Google app message and what you can do to fix your Google app and have a safe app published on the Google Play Store. 

Diagnosis 

You got this security alert: 

Your app is using an unsafe implementation of WebViewClient.onReceivedSslError handler. Please see the Google Help Center article for details, including the deadline for fixing the vulnerability.

GoogleIssue_05142020.png

on your Google Developer Account.

Also, you may have received via email the following: 

  • We reviewed [Name], with package name com.app_****.layout, and found that your app uses software that contains security vulnerabilities for users. Apps with these vulnerabilities can expose user information or damage a user's device and may be considered to be in violation of our Malicious Behavior policy.

    Below is the list of issues and the corresponding APK versions that were detected in your recent submission. Please migrate your apps to use the updated software as soon as possible and increment the version number of the upgraded APK.

Vulnerability

APK Version(s)

Deadline to fix

SSL Error Handler

For more information on how to address WebView SSL Error Handler alerts, please see this Google Help Center article.

<apk_Version>

<date>

 This issue usually occurs when an insecure URL (a URL starting with "HTTP," instead of "HTTPS") is added to any feature that allows customers to add links

Back to top

Solution

Important: Check when was the last time you (re)published your app. If it was over 6 months ago, you are advised to republish it and then check if the problem persists. If so, please check the following steps:
  1. Log in to BiznessApps CMS.
  2. Locate the affected app. 
  3. Go to Build.
  4. Under the Features section, click on each website feature and any other feature that a custom URL can be added to (eg 'Contacts', 'Info-Tier') and locate any field with an insecure URL by checking the URLs under the Website Views section. 
  5. Click on the edit icon of the website that has an insecure URL.

    bizzapps_secure_url__1_.png
  6. Edit the URL by adding an "S" after "HTTP" in the URL.

    bizzapps_edit_url__1_.png
  7. Click Save.

    bizzapps_edit_url.png
  8. Click Save on the Build screen on the upper-right hand corner. 

    mceclip0.png
  9. Republish your Android App

 Back to top

Testing

You will be able to publish your app successfully on the Google Play Store without receiving this error message. 

Back to top

Related Articles

 

 

Related articles

Comments

0 comments

Please sign in to leave a comment.