Call to dangerous WebView settings API
Call to dangerous WebView settings API
Description
List of all WebView methods used in the application.
Recommendation
This entry is informative, no recommendations applicable.
Links
- DRD02-J. Do not allow WebView to access sensitive local resource through file scheme (CERT Secure Coding)
- DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content (CERT Secure Coding)
Standards
- OWASP_MASVS_L1:
- MSTG_PLATFORM_6
- MSTG_PLATFORM_5
- OWASP_MASVS_L2:
- MSTG_PLATFORM_6
- MSTG_PLATFORM_5
- OWASP_MASVS_v2_1:
- MASVS_PLATFORM_2
- MASVS_PLATFORM_3