问题
My application received [Remediation for JavaScript Interface Injection Vulnerability] from Google PlayStore.
Webview control via javascript interface in non-https webpage.
This is my solution.
It is correct for this issue? or how to modify?
public boolean shouldOverrideUrlLoading(WebView view, WebResourceRequest request) {
if(request.getUrl().getHost().equals("mydomain.com")) {
view.addJavascriptInterface(new MyJavaScriptInterface(), "myview");
} else {
view.removeJavascriptInterface("myview");
}
return super.shouldOverrideUrlLoading(view, request);
}
回答1:
I solved using https url. I installed on my site an ssl certificate.
来源:https://stackoverflow.com/questions/53631536/in-android-javascript-interface-injection-vulnerability