Your app com.reel version code 4 includes SDK com.stripe:stripe-android, 14.2.1 which facilitates the transmission or collection of personal and sensitive information. Such behavior must comply with Google Play's Prominent Disclosure & Consent Requirements and applicable privacy policy requirements as described in the User Data policy.
Starting from July 12, 2021 midnight (UTC), new app releases containing this SDK version that do not meet the Prominent Disclosure & Consent Requirements per the User Data policy will be rejected. You may consider upgrading to 16.9.0, which the SDK provider has recommended for use instead. Please consult the SDK provider for further information.
Learn More
Let me Know what is wrong in this I am getting above warning from the play store for the stripe message. React native
Till version 14.2.1 Stripe SDK is not compliant with Google Play's Prominent Disclosure & Consent Requirements. They removed non compliant code from version 14.3.0.
So you should not have this issue anymore using version >= 14.3.0.
Source: https://github.com/stripe/stripe-android/blob/master/CHANGELOG.md#1421---2020-03-26
Can anyone provide me the steps or the testing criteria which Microsoft App approval team is using?
I have tried 3 times to get my app approved from them but it is failing due to some design related issue. They have not reproted any functionality related or technical bugs though.
So can you please provide some type of guidelines other than the Official guideline provided by Microsoft?
I have already gone through the guidelines provided by Microsoft for the SharePoint Addin.
https://learn.microsoft.com/en-us/office/dev/store/validation-policies
Is there anything else I need to consider?
If I want how can I contact with Microsoft tester to get appropriate details of error or let them understand that they reported as a bug is actually not a bug?
At last I am able to get it approved you can visit that app here:
https://appsource.microsoft.com/en-us/product/office/WA104381785
I am porting my Chrome extension to work in Microsoft Edge. I used Microsoft's toolkit and bridged the code. But i get an error is console saying "SCRIPT5007: Unable to get property 'contains' of undefined or null reference". This is thrown at the place where i have called chrome.permissions.contains.
Let me know if there is a solution for this or if there is a documentation for all these incompatibilities.
The API is not currently supported by Edge. Microsoft lists it as "Under consideration".
So the only solutions are:
Do not use chrome.permissions in your port. Probably by granting the widest permissions possible. Unpleasant, but you have to explain to users that it's a platform limitation.
Wait until it is supported (which is not guaranteed; FF's WebExtension platform doesn't support them yet either).
The roadmap of API support is here: Microsoft Edge extension API roadmap
Detailed list of supported APIs with known issues/incompatibilities: Supported APIs
I've heard that Code Access Security is changing completely under .NET Framework 4. Can anyone confirm how this will now work, and what the implications will be for legacy applications?
It's being deprecated so it really isn't being "changed" per se:
http://www.infoq.com/news/2009/11/CAS-Replaced
When I create an Azure ASP.NET application, by default .NET trust level is Full trust. I always change it to Windows Azure partial trust which is similar to ASP.NET's medium trust level.
You can do it either by using GUI when you select Properties on the Role or by setting enableNativeCodeExecution to false in the definition file (.csdef) just like below:
<WebRole name="ServiceRuntimeWebsite" enableNativeCodeExecution="false">
As a security conscious developer I want by default to run my application in partial trust mode that provides a higher level of security. If I need to use something like Reflection or P/Invoke, as a developer I want to make the decision to lower that trust level by myself.
I'm sure there's a reason why Microsoft decided to use Full trust as a default .NET trust level, I just fail to see it. If you know the reason, or you think you know it, please let me know.
Full trust is not only required for P/Invoke for .NET reflection as well. As a bottom line result, nearly all moderately sized apps need full trust because nearly all widespread libraries need it too (NHibernate for example). Actually, I have been asking from the exact opposite question on the Azure forums too.
The issue of full or partial trust pertains to the environment in which your application runs. The more control and/or "ownership" of the environment and assemblies you have, the more acceptable it is to have full-trust settings.
For example, if you create an Azure web site (July 2012 capability) and, mimicking wordpress or Umbraco, your web site allows arbitrary assembly plugins to be downloaded and installed, then it is important to have a partially-trusted environment. It is possible that one of the plugins downloaded and executed, which you don't control or own, contains malware. Not only does this impact the security and stability of your web site, but some may argue it impacts other (multi-tenant) hosted web-sites which have no relation to yours.
Certainly your web site will rely on 3rd party libraries, such as Log4Net or StructureMap, but those are extremely well-known and vetted libraries that are not in question regarding their security impact. Ergo, if you are running an Azure web-role (a much less "multi-tenant" type affair) and you are merely running such "trusted" 3rd party apps, then there really is not an issue with running as full-trust.
Yes, unfortunately it is still very hard (if not impossible) to write large .NET apps that run in partial trust.
We need much better technology and tools (like CAS.NET)
Because Medium Trust is now officially obsolete. If you start a new web project in Visual Studio, it already requires Full Trust (and doesn't work partial trust). Microsoft says: Do not depend on Medium Trust, instead, use Full Trust, and isolate untrusted applications in separate application pools.
Sources:
Stackoverflow answer: Quoted response ASP.NET team
Microsoft: ASP.NET Partial Trust does not guarantee application isolation
Microsoft: ASP.NET web development best practices