OneSignal / react-native-onesignal

React Native Library for OneSignal Push Notifications Service

[Bug]: Remote Webview debugging is enabled. #1488

Open rakeshv1108 opened 1 year ago

rakeshv1108 commented 1 year ago

What happened?

How can this Webview debugging mode be turned off?

I've included my release APK build in the MobSF testing procedure to look for security flaws. Additionally, I received one serious problem from the MobSF report for your package library. The screenshot for that report is attached. Please take action to fix the security problem.


Thank you.

Steps to reproduce?

1. Create a release Android build APK.
2. Set up the MobSF security checkup tool.
3. Analyse that same APK through the MobSF tool.

What did you expect to happen?

I want to disable or remove that debugging line from the npm package code.

React Native OneSignal SDK version

Release 4.5.0

Which platform(s) are affected?

Relevant log output

No response


mlblount45 commented 1 year ago

Has this issue been added to the project road map? Any approximate date for when this will be addressed?

samu-gataca commented 1 year ago

Any news about this?

emawby commented 1 year ago

I apologize, we do not have news yet, but we appreciate the bump! We will investigate.

maxi-sante commented 1 year ago

Any news?

Redn4s commented 11 months ago

A pentest of our app revealed that Remote WebView debugging is activated. This was specifically found in OneSignal: com/onesignal/WebViewManager.java. We're using v4.5.1 of react-native-onesignal.

Any news about the issue yet?

tair-rhyme commented 8 months ago

Seems like that is a false positive, because of this; if you do not set logLevel to debug and higher, it should be OK.
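
The distinction drawn in the comment above, a `setWebContentsDebuggingEnabled` call that always runs versus one that sits behind a guard such as a log-level check, can be triaged over decompiled sources before accepting or dismissing a scanner finding. The sketch below is an added example, not code from this thread or from OneSignal; `triage`, the verdict labels and the constructed `SAMPLE` class are assumptions for illustration.

```python
import re

# Constructed sample standing in for decompiled Java; it is NOT OneSignal source.
SAMPLE = """\
public class SampleWebViewManager {
    // WebView.setWebContentsDebuggingEnabled(true);  (commented out)
    private static void enableDebugging(int logLevel) {
        if (logLevel >= LOG_DEBUG) {
            WebView.setWebContentsDebuggingEnabled(true);
        }
    }
    void init() {
        WebView.setWebContentsDebuggingEnabled(true);
    }
    void release() {
        if (!BuildConfig.DEBUG) WebView.setWebContentsDebuggingEnabled(false);
    }
}
"""

TOKEN = re.compile(r"[{};]|setWebContentsDebuggingEnabled\s*\(\s*([^)]*?)\s*\)")
GUARD = re.compile(r"(?:else\s+)?(?:if\s*\(.*\)|else\b)")
COMMENT = re.compile(r"//[^\n]*|/\*.*?\*/", re.S)

def triage(src):
    """Return (line, verdict, guard) per call site; string-literal braces are not handled."""
    # Blank out comments but keep newlines so line numbers stay correct.
    src = COMMENT.sub(lambda m: re.sub(r"[^\n]", " ", m.group()), src)
    findings, blocks, start = [], [], 0
    for m in TOKEN.finditer(src):
        # Text since the previous ; { or } is the statement or block header.
        header = " ".join(src[start:m.start()].split())
        start = m.end()
        if m.group() == "{":
            blocks.append(header)
        elif m.group() == "}":
            if blocks:
                blocks.pop()
        elif m.group() != ";":
            # Guards: enclosing if/else blocks, plus a brace-less if on this statement.
            hits = [g.group() for g in map(GUARD.match, blocks + [header]) if g]
            arg = m.group(1)
            verdict = ("disabled" if arg == "false" else
                       "conditional" if hits else
                       "unconditional" if arg == "true" else "dynamic")
            line = src.count("\n", 0, m.start()) + 1
            findings.append((line, verdict, hits[-1] if hits else None))
    return findings
```

A `conditional` verdict still needs a manual check of when the reported guard evaluates to true in a release build; only `unconditional` means the call runs on every path that reaches it.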

manish-chimera commented 5 months ago

I am having a similar issue with the OneSignal Android SDK version 5.1.7. How can we disable Remote WebView debugging?