Google Play Warning: WebViewClient.onReceivedSslError handler

Question

I recently received an email from Google with the following subject : \"Google Play Warning: SSL Error Handler Vulnerability\". In this email, Google explains that my app has an

Answer 1

The problem is in your code. When you call handler.proceed(); like that, it effectively removes all the security from your connection.

You should remove your onReceivedSslError method. The default implementation will reject insecure connections.