talsec / Free-RASP-Flutter

Flutter library for improving app security and threat monitoring on Android and iOS mobile devices.
https://github.com/talsec/Free-RASP-Community
MIT License
192 stars 19 forks source link

Your app contains content that isn’t compliant with the Broken Functionality policy. App loads, but crashes #141

Open AhmedHammad0900 opened 3 weeks ago

AhmedHammad0900 commented 3 weeks ago

Describe the bug When I try to upload my app update to Google Play I get this error :- Your app contains content that isn’t compliant with the Broken Functionality policy. App loads, but crashes

my code is :-

    isProd: true,
 ..... // closure 
  final callback = ThreatCallback(
    onAppIntegrity: () => exit(0),
    onObfuscationIssues: () => exit(0),
    onDebug: () => exit(0),
    onDeviceBinding: () => exit(0),
    onHooks: () => exit(0),
    onPrivilegedAccess: () => exit(0),
    onSecureHardwareNotAvailable: () => exit(0),
    onSimulator: () => exit(0),
    onSystemVPN: () => exit(0),
    onUnofficialStore: () => exit(0),
  );

and I am using this command to build the app

flutter build appbundle--release --obfuscate --split-debug-info=build/app/outputs/symbols

I tried to build apk to test it on my phone and it worked fine without crashing after removing this part of code for sure :- onUnofficialStore: () => exit(0),

I used :- flutter build apk --release --obfuscate --split-debug-info=build/app/outputs/symbols

Console of Google don't show additional information but the only thing I did is adding freeRasp to my code then uploading it as update so no another code errors and app works fine my local device after removign store part ..

I want refer to that "signingCertHashes" include the SHA of store too with release and debug SHA

AhmedHammad0900 commented 2 weeks ago

any help on this ..

msikyna commented 2 weeks ago

Hello,

does the APK of the application, which is resigned by Google work on your device as well? Does the beta or internal testing version work as well? Btw using exit(0) is not an appropriate killing of the application on Android devices, see https://stackoverflow.com/questions/45109557/flutter-how-to-programmatically-exit-the-app

Kind regards, Talsec team