26 lines
1.5 KiB
Plaintext
26 lines
1.5 KiB
Plaintext
== Recommended Secure Coding Practices
|
|
|
|
=== Disable JavaScript
|
|
|
|
If it is possible to disable JavaScript in the WebView, this is the most secure option. By default,
|
|
JavaScript is disabled in a WebView, so ``{setJavaScriptEnabledSnippet}`` does not need to
|
|
be explicitly called. Of course, sometimes it is necessary to enable JavaScript, in which case the
|
|
following recommendations should be considered.
|
|
|
|
=== Remove JavaScript interface when loading untrusted content
|
|
|
|
JavaScript interfaces can be removed at a later point. It is recommended to remove the JavaScript
|
|
interface when it is no longer needed. If it is needed for a longer time, consider removing it before
|
|
loading untrusted content. This can be done by calling ``webView.removeJavascriptInterface("interfaceName")``.
|
|
|
|
A good place to do this is inside the ``shouldInterceptRequest`` method of a ``WebViewClient``, where you can
|
|
check the URL or resource being loaded and remove the interface if the content is untrusted.
|
|
|
|
=== Alternative methods to implement native bridges
|
|
|
|
If a native bridge has to be added to the WebView, and it is impossible to remove it at a later point,
|
|
consider using an alternative method that offers more control over the communication flow.
|
|
``WebViewCompat.postWebMessage``/``WebViewCompat.addWebMessageListener`` and ``WebMessagePort.postMessage``
|
|
offer more ways to validate incoming and outgoing messages, such as by being able to restrict the origins
|
|
that can send messages to the JavaScript bridge.
|