CODEWITHSUNDEEP
androidandroid-webview
Abhi Chaurasia
Abhi Chaurasia

Reputation: 23

Your app includes a WebView that is vulnerable to cross app scripting

I Have an issue after publish app on playstore

Your app includes a WebView that is vulnerable to cross app scripting. Please see this Google Help >Center article for details.

Vulnerable classes:

com.all.in.one.shopping.app.india.activity.WebViewActivity->setupWebView

And this is my webViewActivity Code-

class WebViewActivity : AppCompatActivity() {

override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    setContentView(R.layout.activity_web_view)

    setupWebView()
}

private fun setupWebView() {
    webViewFromActivity.loadUrl(intent.getStringExtra(AppConstants.WV_URL))
    webViewFromActivity.webViewClient = mWebViewClient
    webViewFromActivity.settings.javaScriptEnabled = true
    webViewFromActivity.settings.domStorageEnabled = true
    webViewFromActivity.requestFocus(View.FOCUS_DOWN)
}

private val mWebViewClient = object : WebViewClient() {
    override fun onPageStarted(view: WebView, url: String?, favicon: Bitmap?) {
        progressBar.visibility = View.VISIBLE
        super.onPageStarted(view, url, favicon)

    }

    override fun shouldOverrideUrlLoading(view: WebView, url: String?): Boolean {
        view.loadUrl(url)
        return true
    }

    override fun onPageFinished(view: WebView, url: String) {
        progressBar.visibility = View.GONE
        super.onPageFinished(view, url)
    }

Upvotes: 0

Views: 1043

Answers (2)

Swayangjit
Swayangjit

Reputation: 1881

Try adding the following in your manifest

<meta-data android:name="android.webkit.WebView.EnableSafeBrowsing"
android:value="true" />

Upvotes: 1

Mark Morgan Miranda
Mark Morgan Miranda

Reputation: 141

It's because of this: 

webViewFromActivity.settings.javaScriptEnabled = true

Upvotes: 0

Related Questions