Securing Webviews and The Story Behind CVE-2021-21136

Securing Webviews and The Story Behind CVE-2021-21136

Hack In The Box Security Conference via YouTube Direct link

Introduction

1 of 33

1 of 33

Introduction

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Securing Webviews and The Story Behind CVE-2021-21136

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 Chef Sajan
  3. 3 India Mohammed
  4. 4 Agenda
  5. 5 What is a CV
  6. 6 Webviews
  7. 7 Load URL API
  8. 8 Deep Links
  9. 9 Conclusion
  10. 10 Mobile Application Workflow
  11. 11 Bug Explanation
  12. 12 Initial Observations
  13. 13 Timeline
  14. 14 Demo
  15. 15 Role of Plan
  16. 16 Common Webview Issues
  17. 17 Use Case
  18. 18 Code snippet
  19. 19 Insufficient URL validation
  20. 20 Issue with GetHost
  21. 21 Impact
  22. 22 Unintended Data Leakage
  23. 23 Sharing Sensitive Data
  24. 24 Lack of Isolation
  25. 25 LearningsRecommendations
  26. 26 Secure URL Validation
  27. 27 Webview Implementation
  28. 28 Android Webview Implementation
  29. 29 iOS Webview Implementation
  30. 30 iOS Webview Settings
  31. 31 Learnings
  32. 32 References
  33. 33 Live Slide

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.