Open jasir-m opened 3 years ago
any updates on how to solve this issue? already try to update the dependencies, but still facing the same error
OkHttpClient.Builder builder = client.newBuilder();
builder.sslSocketFactory(sslSocketFactory, x509TrustManager);
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return false;
}
});
for this block of code can we just return false
? found this solution here: https://www.programmersought.com/article/41342996449/
rn-fetch-blob was use for redux-persist, where will use device's internal storage to store the redux state. Hence i presume there is no condition to return true
in this case?
This is because the following function allows unsafe/unverified SLL connections. Google does not allow this anymore. You must either add an interface to allow users to add exception-URLs or just remove these lines but then it will stop working with not verified https-certs or connections without https. Not sure how local paths are handled (file://):
builder.hostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
in android/src/main/java/com/RNFetchBlob/RNFetchBlobUtils.java
@here: we are also facing this isse where Google has rejected app, and given the reason of using this method.
Google also rejected the app after change the implementation of the verify method to return false according to https://support.google.com/faqs/answer/7188426?hl=en
Any possible solution to fix this ?
I remove all code related to HostnameVerifier but Google again reject my any one can help
Your app(s) are using an unsafe implementation of the HostnameVerifier interface. You can find more information about how to resolve the issue in this Google Help Center article