Google Play Store rejected my app for "violating our dangerous products policy". I tried 3 times to publish new update doing changes.
Every time google rejects the new build and telling that there are vulnerabilities in cordova version 3.5.1, so update to the latest version and publish again. But my phonegap-version is cli-5.2.0. I use whitelist-plugin and meta tag content-security-police in all html files. I build the app with PhoneGap Build and works great on the phone.
How can I fix it???
Every time google rejects the new build and telling that there are vulnerabilities in cordova version 3.5.1, so update to the latest version and publish again. But my phonegap-version is cli-5.2.0. I use whitelist-plugin and meta tag content-security-police in all html files. I build the app with PhoneGap Build and works great on the phone.
How can I fix it???
- 8 Posts
- 0 Reply Likes
- frustrated
Posted 5 years ago
JesseMonroy650 (Volunteer), Champion
- 3325 Posts
- 122 Reply Likes
- 8 Posts
- 0 Reply Likes
The whitelist section of config.xml
And the meta tag in all files:
<access origin="http://www.myweb.es"/> /*where are my php files*/
<allow-navigation href="*" />
<allow-intent href="http://*/*" />
<allow-intent href="https://*/*" />
<allow-intent href="mailto:*" />
<allow-navigation href="data:*" />
<allow-navigation href="file:*" />
And the meta tag in all files:
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src * 'unsafe-inline' 'self' http://*.googleapis.com https://*.googleapis.com; script-src 'self' 'unsafe-inline'">
- 8 Posts
- 0 Reply Likes
I tried to make it less open with
But it was rejected again with the same answer
<meta http-equiv="Content-Security-Policy" content="default-src 'self' http://www.myweb.es; style-src * 'unsafe-inline' 'self' http://*.googleapis.com https://*.googleapis.com; script-src 'self' 'unsafe-inline'">
But it was rejected again with the same answer
- 8 Posts
- 0 Reply Likes
I solved the problem. In previous local compilation without PhoneGap Build I included the file cordova.js v2.9.1.
I didn ́t use this file, I didn ́t have any link to this file (I forgot it was there). I suposed Google automatically find the archive with this version and reject the app.
Thanks for your help and sorry for the inconvenience.
I didn ́t use this file, I didn ́t have any link to this file (I forgot it was there). I suposed Google automatically find the archive with this version and reject the app.
Thanks for your help and sorry for the inconvenience.
JesseMonroy650 (Volunteer), Champion
- 3325 Posts
- 122 Reply Likes
Yes, that is exactly it. Google checks to see if you have applied Cordova.js that has a version that is better than 3.5.1.
To be clear, 3.7.0 is okay, but not 3.5.1.
Glad you solved it.
To be clear, 3.7.0 is okay, but not 3.5.1.
Glad you solved it.
- 26 Posts
- 0 Reply Likes
EmailManager
A sample Apache Cordova application that responds to the deviceready event.
Apache Cordova Team
- 26 Posts
- 0 Reply Likes
EmailManager
A sample Apache Cordova application that responds to the deviceready event.
Apache Cordova Team
Related Categories
-
PhoneGap Build
- 15111 Conversations
- 275 Followers



