Logo Icon Logo
A Crowd-sourced Cookbook on Writing Great Android® Apps
GitHub logo Twitter logo OReilly Book Cover Art

Don't Allow JavaScript in WebView

In Chapter: Securing Your Application
Author: Ian Darwin ('idarwin')
Published? true
FormatLanguage: AsciiDoc

Problem:

You don't want vast swathes of undisciplined code running in every WebView

Solution:

Don't call setEnableJavaScript(true).

Discussion:

Of course this will break JS frameworks.