Your app includes a WebView that is vulnerable to cross app scripting

Issue

I Have an issue after publish app on playstore

Your app includes a WebView that is vulnerable to cross app scripting. Please see this Google Help >Center article for details.

Vulnerable classes:

com.all.in.one.shopping.app.india.activity.WebViewActivity->setupWebView

And this is my webViewActivity Code-

class WebViewActivity : AppCompatActivity() {

override fun onCreate(savedInstanceState: Bundle?) {
    super.onCreate(savedInstanceState)
    setContentView(R.layout.activity_web_view)

    setupWebView()
}

private fun setupWebView() {
    webViewFromActivity.loadUrl(intent.getStringExtra(AppConstants.WV_URL))
    webViewFromActivity.webViewClient = mWebViewClient
    webViewFromActivity.settings.javaScriptEnabled = true
    webViewFromActivity.settings.domStorageEnabled = true
    webViewFromActivity.requestFocus(View.FOCUS_DOWN)
}

private val mWebViewClient = object : WebViewClient() {
    override fun onPageStarted(view: WebView, url: String?, favicon: Bitmap?) {
        progressBar.visibility = View.VISIBLE
        super.onPageStarted(view, url, favicon)

    }

    override fun shouldOverrideUrlLoading(view: WebView, url: String?): Boolean {
        view.loadUrl(url)
        return true
    }

    override fun onPageFinished(view: WebView, url: String) {
        progressBar.visibility = View.GONE
        super.onPageFinished(view, url)
    }

Solution

It's because of this:

webViewFromActivity.settings.javaScriptEnabled = true

Answered By - Mark Morgan Miranda