crossplatformkorea / react-native-kakao-login

react-native native module for Kakao sign in.
MIT License

Security alert in Google Play Console: Vulnerable WebView to Cross App Scripting #30

Closed FlorianBergmann closed 5 years ago

FlorianBergmann commented 5 years ago

When using this library and uploading an APK to the Google Play Console, there is an alert that the app includes a WebView that is vulnerable to cross-app scripting. More info can be found under https://support.google.com/faqs/answer/9084685

The vulnerable class is: com.kakao.auth.authorization.authcode.KakaoWebViewActivity->initUi

hyochan commented 5 years ago

This should be reported to Kakao Corp because we can't handle the package in com.kakao.auth. This module is just bridging the auth callback.

FlorianBergmann commented 5 years ago

We also have an app that is written in Java that is using the Kakao SDK, but there is no alert there. We are using version 1.1.28 of the Kakao SDK in the Java app, so it might be dependent on the version.

hyochan commented 5 years ago

@FlorianBergmann Yeah. Then we can upgrade the Kakao SDK later.

hyochan commented 5 years ago

I've released a new kakaosdk just now with 1.15.1. Try this.

heyman333 commented 5 years ago

ping @FlorianBergmann Hello. I wonder if you resolved the problem. I still have the problem, even with v1.15.1 of the Kakao SDK.