Google Play Security Alert - Your app is using an unsafe implementation of the HostnameVerifier

Question

Recently one of my app got a security alert from Google Play as below.

You app is using an unsafe implementation of the HostnameVerifier. And refer a link to Google

Answer 1

HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier(){ 
    public boolean verify(String arg0, SSLSession arg1) {
        return true;
}}); 

This code effectively removes the protection of HTTPS from your connections. You need to delete it.

Disabling hostname verification allows anyone on the network to view and tamper with your network traffic by conducting a Man In The Middle Attack.