Unsafe implementation of the HostnameVerifier interface related to PayPal android - android-security

I never use HostnameVerifier in my application, but Google is still sending mail with a deadline to fix it, and I need a suggestion for this question.
I got an alert in the Google Play Console (see below). It's related to PayPal; I didn't find these classes in my code.
Vulnerable classes:
lib.android.paypal.com.magnessdk.network.d$1
lib.android.paypal.com.magnessdk.network.e$1

Try to update your PayPal package to the latest version.

You can update PayPal to the latest version; as per the Braintree issue, they have resolved the issue from the PayPal side. For Braintree the latest version is:
implementation "com.braintreepayments.api:braintree:3.15.0"
More details are available in the GitHub repository:
https://github.com/braintree/braintree_android/issues/325


monetizing APIs in WSO2 API Manager

For my use case, I need to enable the monetization feature in wso2am 4.0.0. The solution explained in the documentation limits us to using Stripe as the billing engine (the other mentioned solution, i.e. implementing the Monetization interface, is difficult!). Stripe is not free and open source. Has anyone found any other solution for handling monetization?

Google One-tap project status

Does anyone know what is the status of Google One-tap AKA YOLO project?
It seems like all the official documentation on One-tap is gone. The cached version states:
The beta test program for this API is currently closed. We are improving the API's cross-browser functionality and will provide updates here in the coming months.
There are quite some websites which are still using this technology, either because they were in Beta and/or whitelisted by Google.
There is a new version that addresses the feedback and issues from the beta, it's available as of 2020 Q1: https://developers.google.com/identity/one-tap/web
All of the prior URLs regarding one tap are all 404 errors now. Seems like it was totally canned and they are deferring to the more generic sign in integration from a website login page.
The official document of the project has been updated. Please see the latest status there.

Your app contains an Intent Redirection vulnerability

I launched a game to the Google Play store recently and it was going good until now. I just received an email from Google that says that "One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk" and tells me I need to fix it by August 13.
I personally don't collect or demand any user data or info. However, I used Google Admob ads with Facebook mediation and Unity ads in my game which may be the cause of this problem. So, my question is how to overcome this problem? They also said in the email to make changes in the manifest file. If any one has a similar problem and knows the solution for it, your help would be appreciated.
Here is the email:
"One or more of your apps contains an Intent Redirection vulnerability that puts user data at risk. On August 13, 2019, any apps that contain unfixed security vulnerabilities beyond the dates listed on your Play Console alerts will be removed from Google Play.
Action required
Sign in to your Play Console.
Select Alerts to see which apps contain a security vulnerability, and review the guidance on how to resolve the vulnerability.
Update your affected apps to fix the vulnerabilities.
Submit the updated versions of your affected apps.
Upon resubmission, your app will be reviewed again. This process can take several hours. If the app passes review and is published successfully then no further action is required. If the app fails review then the new app version will not be published and you will receive notification via email."
I was having the same issue, "intent redirection your app(s) are vulnerable to intent redirection", and I added exported="false" in every activity, but still got rejected. Then I realized the problem was in one of the payment libraries I was using; all I had to do was update the library, and the new app update went live.
My issue was in the RazorPay payment gateway. I updated it from 1.6.3 to 1.6.6 (latest):
implementation 'com.razorpay:checkout:1.6.6'
They already mentioned this issue here, check it out: https://github.com/razorpay/razorpay-android-sample-app/issues/202
I have the same issue. Actually, the latest Unity adds the Xiaomi SDK by default, which causes this issue.
Simply remove Xiaomi from your Unity and it will fix the issue.
We had received a similar email. In the Play Console/Alert tab, we found this:
for us, the reason is "com.androidnative.features.social.common.SocialProxyActivity.StartActivity",
which comes from the Android Native asset [Ultimate Mobile] - Unity3D.
We used that asset for advertisements, in-app purchases and Play Games services instead of using the original SDK. So the possible solution is to remove that asset from our game and use the original SDK.
Here is the Screenshot of my alert.
There are several points to keep in mind to resolve that issue:
The most confusing: you must roll out the fixed APK/AAB of the affected application to 100% on all tracks where it was present. An important note is that, among others, you must roll out the production track release to 100% in order for Google to reconstruct your issue.
In the new version of Play Console there is no way to find out any specific information about the issue, so you should email Google Support to ask for details. As a response you may possibly get an obfuscated method or class signature, so you need to deobfuscate it.
Read carefully through the official document to address issues and resolve them. Our application got rejected because the SMS BroadcastReceiver did not apply any permission restraints.
Ihsan Ali
The problem is in the UnityChannel.aar file. You need to open it with the help of an archiver and open the AndroidManifest.xml. In the line android:exported="true" I wrote false, as indicated in the Google article. Now publish the version and see if the error will no longer be reported.
I had the same issue. Just remove xiaomi app game centre from your unity>>game build option. Disabling it will surely clear out the issue.
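
The manifest check that the answers above do by hand (opening a library's .aar and looking at android:exported and missing permissions), as an added example that is not part of the original posts. The sample manifest, its package and its class names are constructed for illustration; the script only reads the plain-text AndroidManifest.xml that an .aar carries.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"
COMPONENTS = ("activity", "activity-alias", "service", "receiver")

# Constructed sample manifest; package and class names are hypothetical.
SAMPLE_MANIFEST = b"""<manifest
    xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.sdk">
  <application>
    <activity android:name=".ProxyActivity" android:exported="true"/>
    <activity android:name=".InternalActivity" android:exported="false"/>
    <receiver android:name=".SmsReceiver">
      <intent-filter><action android:name="android.provider.Telephony.SMS_RECEIVED"/></intent-filter>
    </receiver>
    <receiver android:name=".GuardedReceiver" android:exported="true"
              android:permission="android.permission.BROADCAST_SMS"/>
  </application>
</manifest>"""

def build_sample_aar():
    """Pack the constructed manifest into an in-memory .aar (a plain zip archive)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as aar:
        aar.writestr("AndroidManifest.xml", SAMPLE_MANIFEST)
    return buf.getvalue()

def audit_manifest(manifest_xml):
    """List (tag, name, reason) for components other apps can start without a permission."""
    findings = []
    for app in ET.fromstring(manifest_xml).iter("application"):
        app_guarded = app.get(ANDROID + "permission") is not None
        for comp in app:
            if comp.tag not in COMPONENTS or app_guarded or comp.get(ANDROID + "permission"):
                continue
            name = comp.get(ANDROID + "name", "?")
            exported = comp.get(ANDROID + "exported")
            if exported == "true":
                findings.append((comp.tag, name, "exported=true without permission"))
            elif exported is None and comp.find("intent-filter") is not None:
                # Before targetSdk 31 an intent-filter makes the component exported by default.
                findings.append((comp.tag, name, "intent-filter, no explicit exported"))
    return findings

def audit_aar(aar_bytes):
    """Read the plain-text AndroidManifest.xml from an .aar and audit it."""
    with zipfile.ZipFile(io.BytesIO(aar_bytes)) as aar:
        return audit_manifest(aar.read("AndroidManifest.xml"))

if __name__ == "__main__":
    for finding in audit_aar(build_sample_aar()):
        print(*finding, sep=" | ")
```

To check a real dependency, pass the bytes of its .aar file to audit_aar; each reported component is a candidate for android:exported="false" or a permission attribute, or a reason to update the library.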

Monetization issue in Developer portal

I am working on POC for monetization in Apigee developer portal http://dev-damuorgn.devportal.apigee.com/admin/dashboard
This is freeware working in cloud.
Here, when I try to enable the DevConnect Monetization and DevConnect Monetization Payment modules under the DevConnect Mint category, I am getting the error “Monetization feature not available. Please contact Apigee Support”.
Please check and revert back to us.
As mentioned in the comments, this feature is not available for free orgs. Possibly the use of API Products will do what you need in this regard.

How to integrate PayPal Express Checkout with ASP.NET Web Pages site ("Razor")

I have an ASP.NET Razor / Web Pages site that I need to integrate with PayPal Express Checkout. Edit: this integration requires more than just a simple PayPal-generated button, e.g., I need to dynamically set the price, item description, tax etc.
I am quite new to both Web Pages and PayPal integration so would like to ask what the preferred approach would be.
So far, I have found there are these options:
1. Use PayPal Helper for WebMatrix
2. Just read the PayPal spec and create a form with hidden fields etc.
3. Use some of the NuGet packages from PayPal
4. Get inspired by some custom code like this one
No. 1 is probably some outdated code (both the release date and recent reviews suggest that), no. 2 will certainly work but I'll be on my own, I'm hoping that no. 3 would be the best answer but there are many of those NuGet packages and I haven't found any good examples yet, and 4 is an option if no other works.
Any suggestions? The goal is to have a simple form, below it my custom "Pay Now" button (preferably; could be also a PayPal-provided button) and when user clicks it, the website should redirect him to PayPal, process the payment notification / approval etc.
I realize this question is old, but if you're looking for SDKs provided by PayPal that support Express Checkout, then you have the following two options:
PayPal .NET SDK
This SDK (formerly known as the "RestApiSdk") is built on the newer PayPal REST APIs and provides support for Express Checkout through the Payments API. All API calls use an OAuth token for security and the calls (and associated code) are a bit cleaner than its Classic counterpart. While some aspects of the REST services are still not quite up to par compared to Classic (e.g. Subscriptions), the Payments portion of the REST APIs is mostly at parity with Classic. Moving forward, this is the SDK that PayPal will be investing in and improving, so it's recommended that any new integrations use this SDK.
Recently, the .NET SDK repo on GitHub was updated with a Wiki that should hopefully make it easier to get started using the SDK. Also, a lot of work has been put into the included samples project to help show how to use the SDK with various use cases. And if there's a use case that's missing or needs better/more explanation, definitely don't hesitate to let me know on there. :)
PayPal Classic Merchant SDK
The Merchant SDK has been around for a while and all the classes are auto-generated from PayPal's publicly available WSDL schema files. While it provides support for every Express Checkout-related feature, using it is a bit more cumbersome than the REST-based SDK.
PayPal is no longer actively supporting the Merchant SDK and will only be providing bug fixes when necessary. For this reason, PayPal doesn't recommend using this SDK for new integrations.
If you find a feature that you enjoy using in this SDK that isn't available in the REST counterpart, please let me know here or on GitHub. One issue we've noticed for people looking to switch is the REST API does not provide payment history details for payments made via Classic calls. The PayPal SDK team is currently looking into ways this support can be added to the REST-based SDKs to make it easier for developers to make the transition.
The only option you have is to call rest api from asp.net web pages.
You can find the source code of rest api at following places.
https://github.com/paypal/rest-api-sdk-dotnet
http://paypal.github.io/sdk/
Borek,
if you just want PayPal Express Checkout the easiest way to do it is to simply create a PayPal "Buy It Now" button. You don't need to code anything.
You can find out how to do it here https://developer.paypal.com/docs/classic/paypal-payments-standard/ht_create-pps-buttons/ but the basic steps are:
Create the button inside PayPal.
Copy the button code inside PayPal.
Paste it into your website/email whatever.
Hope that helps!
