App已经审核通过很久了,一直没改过什么,今天突然收到邮件,不知道是什么意思
Dear Developer,
Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.
This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of your app.
Please perform an in-depth review of your app and remove any code, frameworks, or SDKs that fall in line with the functionality described above before submitting the next update for your app for review.
Best regards,
App Store Review
little_play
没有用这个啊,或者说在哪可以去掉?
2017-03-08 18:34
猫猫猫猫
在线打包的话,打包之前在配置里去掉相关模块的勾选,另外native.js模块也有涉及一些警告里的方法
2017-03-08 23:20
huzi721 (作者)
我代码里好像就只有检查更新的操作,连接我们自己服务器查询了一下,只是提示了一下,这个也不行吗?还有个推也使用了,那现在应该怎么处理呢
2017-03-09 11:18
k***@126.com
看来连更新 的代码都不能有(注释都不行),IOS 检查方法用了 扫描 代码的方式,必须删掉
2017-03-10 09:27
浪客剑心697
个推的人说下周一会更新SDK处理, 云打包会同步更新该SDK吗?
2017-03-10 10:29