现在代码是否能通过苹果审核

terencethewish commented 7 years ago

我们的应用这次被拒了，之前都没问题原因就是使用了动态加载代码，改变应用功能。。有没有其他同学遇到相同问题？

ningman commented 7 years ago

@terenceleetrade 你用的wax被拒了吗？

terencethewish commented 7 years ago

@ningman 是的，一直没事，包括上次清洗JSPatch，我们都没事，但这次新提交就不行了。你有遇到吗？有没有什么办法？

ningman commented 7 years ago

我之前把jspatch混淆后上架可以通过审核，今天也不行了，正打算用wax呢？

terencethewish commented 7 years ago

这个混淆是混淆JSPatch？自己混淆还是JSPatch出了混淆版？知道苹果审核这种问题的方法吗？是不是还是靠审核人去分析逻辑？

ningman commented 7 years ago

我是自己混淆的，没有用官方的JSPatch

terencethewish commented 7 years ago

Wax不知道是不是可以混淆通过审核？我是被拒了，比较麻烦，因为很多功能依赖Wax。。

ningman commented 7 years ago

被拒的理由是什么呢？

terencethewish commented 7 years ago

Your app, extension, or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with App Store Review Guideline 2.5.2 and section 3.3.2 of the Apple Developer Program License Agreement.

This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes. This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior and/or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of your app.

跟JSPatch当时一样的原因