本文主要是介绍避免因为respondsToSelector:, performSelector:上线被拒,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
避免因为respondsToSelector:, performSelector:上线被拒
记得前段时间iOS开发者很多都收到了使用JSPatch被拒的邮件,
Your app, extension, and/or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with section 3.3.2 of the Apple Developer Program License Agreement and App Store Review Guideline 2.5.2. This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes.
This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of your app.
Please
这篇关于避免因为respondsToSelector:, performSelector:上线被拒的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
