Index

Recorded calls to dangerous WebView settings API

Risk: info

Description

List of all WebView methods used in the application.

Recommendation

This entry is informative, no recommendations applicable.

Links

• DRD02-J. Do not allow WebView to access sensitive local resource through file scheme (CERT Secure Coding)
• DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content (CERT Secure Coding)

Standards

• OWASP_MASVS_L1:
  • MSTG_PLATFORM_2
• OWASP_MASVS_L2:
  • MSTG_PLATFORM_2
• OWASP_MASVS_v2_1:
  • MASVS_PLATFORM_2
  • MASVS_PLATFORM_3