美文网首页2017,我们一起努力程序员iOS Developer
一大早收到苹果的“违反政策通知”,你们收到了吗?

一大早收到苹果的“违反政策通知”,你们收到了吗?

作者: 否极泰来_L | 来源:发表于2017-03-08 10:46 被阅读2765次

    一大早用了JSPatch的APP收到了苹果的“违反政策通知”。

    是因为苹果修改了审核规则

    通知内容:

    Dear Developer,

    Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of theApple Developer Program License AgreementandApp Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.

    This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of your app.

    Please perform an in-depth review of your app and remove any code, frameworks, or SDKs that fall in line with the functionality described above before submitting the next update for your app for review.

    Best regards,

    App Store Review

    相关文章

      网友评论

      • b65a6f134c00:能详细给我解释一下吗?该怎么解决?
        否极泰来_L:@拼搏少女 现在各个第三方都更新了不包含jspatch的包,你更新下。而且现在jspatch也可以上架了貌似。你先要看看你是不是用了看的第三方包含jspatch的
      • nenhall:那你的App有没被下架?
        否极泰来_L:@NegHao 并没有,我只是使用修改一些小bug。只是苹果感觉这样很不安全,容易被别人控制下发恶意代码
        nenhall:@NegHao 好像不是简单的使用了热更新,而是你使用热更新去控制了你的app,导致跟审核的时候不一样,才会这样通知你
        否极泰来_L:@NegHao 没有,通知让在下个版本去除热更新
      • DDDDeveloper:太好了!还是原生应用体验好!
        否极泰来_L:@一个有前途的男人 是啊:smile:
      • 咋了爸爸:用h5写的app 以后不让上线了吗
        否极泰来_L:@咋了爸爸 那倒不是,执行代码必须写在本地,不允许下载执行代码。
      • 吃面多放葱:我今天也收到了:sweat: 苹果要关闭热更新啊
        否极泰来_L:恩恩,至少现在看来是这样的。

      本文标题:一大早收到苹果的“违反政策通知”,你们收到了吗?

      本文链接:https://www.haomeiwen.com/subject/socbgttx.html