最近上架APP 被拒了 苹果发来的邮件如下:
Your app, extension, or linked framework appears to contain code designed explicitly with the capability to change your app’s behavior or functionality after App Review approval, which is not in compliance with App Store Review Guideline 2.5.2 and section 3.3.2 of the Apple Developer Program License Agreement.
This code, combined with a remote resource, can facilitate significant changes to your app’s behavior compared to when it was initially reviewed for the App Store. While you may not be using this functionality currently, it has the potential to load private frameworks, private methods, and enable future feature changes. This includes any code which passes arbitrary parameters to dynamic methods such as dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations(), and running remote scripts in order to change app behavior and/or call SPI, based on the contents of the downloaded script. Even if the remote resource is not intentionally malicious, it could easily be hijacked via a Man In The Middle (MiTM) attack, which can pose a serious security vulnerability to users of your app.
Important Information
As a result of violating this guideline, your app’s review has been delayed. Future submissions of this app, and other apps associated with your Apple Developer account, will also experience a delayed review. Deliberate disregard of the App Store Review Guidelines and attempts to deceive users or undermine the review process are unacceptable and is a direct violation Section 3.2(f) of the Apple Developer Program License Agreement. Continuing to violate the Terms & Conditions of the Apple Developer Program will result in the termination of your account, as well as any related or linked accounts, and the removal of all your associated apps from the App Store.
实话看到的时候我懵逼了,各种百度 Google,询问各位网友,都没有得到有效的解决办法,最后查资料知道可以打印第三方库的静态包来看,于是老哥开始一个一个的检查,终于在友盟分享里面找到了问题,发现友盟分享使用了performSelector:, method_exchangeImplementations(),这两个函数,尼玛 问题终于解决,满心欢喜的提交,由于被苹果拉入了黑名单,等待了将近一周的时间,终于审核通过了。
打印第三名.a文件所需命令
1. cd .a上级文件夹目录 (找到.a文件的目录)
2. nm -n xxx.a >> xxx.txt (将 静态库名.a 所用的函数名保存到 xxx.txt 文件中)
打开xxx.txt 文件搜索dlopen(), dlsym(), respondsToSelector:, performSelector:, method_exchangeImplementations()函数名如果有用到的挂彩了,将第三方库更新(有的第三方库最新版本可能不行反而老版本的可以,老哥哥们自己斟酌了)。
最后祝愿各位老哥哥顺利上架App Store
