Playstore App rejection

How to solve this
I submitted a browser app but this mail i received
Here is apk and AIA
Sujalbrowser (36).apk (8.1 MB)

Sujalbrowser (1).aia (861.7 KB)

Some sort of serious issue :thinking:


how are you using the webviewer? an example screenshot might help…
and what is the link to the Google Help Center article?


1 Like

I think your browser shows up the webpage source code and make user able to edit it ?

I think (I’m not sure )

Yes your are right but only show

Try removing that feature and upload it.

1 Like

2. Ensuring that WebViews cannot load local files or execute JavaScript

Call setAllowFileAccess(false) to prevent WebViews with dangerous settings from loading local files or call setJavaScriptEnabled(false) to prevent WebViews with dangerous settings from executing JavaScript code.

The above can be Reason

Did you keep java script enabled (which is true in deafult) ??

Yes by disabling problem will solved?

I can’t confirm ! But may be !

Please don’t resubmit a new update. Otherwise, your app may be get suspended for repeated violations. I will try to find the reason and provide possible solution tomorrow. Please remind me tomorrow.

1 Like

Ok thanks but app is live now without any alert

Will there be any problem In future?

Hmm, remember to keep the java script enabled to false always you update the app.

As Java script can lead to XSS cross site scripting.

Which can make low secured websites run as you wish which is against to google policy.

I also have a browser type app published on playstore does i also need to keep the java script enabled to false

Why we have the option for java script if we cannot use it.? There shpuld be a msg if we set java to true that google will reject your app if this option is on.
Google is really crazy they want not that and that but they want money haha.

Ok thanks I will try

Great A lesson for everyone …hehe

Hi did you find any solution?

I went through all the documentations, nothing specific I found except they want the input to evaluateJavaScript function to be sanitized and make sure we don’t forge requests by websites using arbitrary local files accessed from file:// scheme. I am not sure how we can prevent this.

ask google thjey want things than they should have a solution.