Skip to content

Call to dangerous WebView settings API

Login Demo

Call to dangerous WebView settings API

Call to dangerous WebView settings API

Description

List of all WebView methods used in the application.

Recommendation

This entry is informative, no recommendations applicable.

Links

DRD02-J. Do not allow WebView to access sensitive local resource through file scheme (CERT Secure Coding)
DRD13. Do not provide addJavascriptInterface method access in a WebView which could contain untrusted content (CERT Secure Coding)

Standards

OWASP_MASVS_L1:
- MSTG_PLATFORM_6
- MSTG_PLATFORM_5
OWASP_MASVS_L2:
- MSTG_PLATFORM_6
- MSTG_PLATFORM_5
OWASP_MASVS_v2_1:
- MASVS_PLATFORM_2
- MASVS_PLATFORM_3