最近有两个app,之前都能正常上架,最近更新都收到了如下被拒原因:
Guideline 2.3.1 - Performance
The app contains hidden features.
经过沟通,Apple 审核给出了更详细的反馈:
Guideline 2.5.2 - Performance - Software Requirements
Your app, extension, or linked framework appears to contain code designed explicitly with the capability to change the app’s behavior or functionality after App Review approval.
This code, combined with a remote resource, can facilitate significant changes to the app’s behavior compared to when it was initially reviewed. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes. This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior and/or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of the app.
主要提到了,这些方法:
dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(),
我搜了一下sdk中确实有这些方法。
我在项目中删除了leancloud sdk 然后重新提审,就通过了。有其他人遇到这个问题了吗?我的很多项目都用的leancloud,我该怎么办?
