Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

So, You Want To Use A WebView? - Security Considerations and Best Practices

OWASP Foundation via YouTube

Overview

Explore the intricacies of using WebViews in mobile applications through this conference talk from AppSecEU 2015 in Amsterdam. Delve into various aspects including demonstrations, interfaces, testing methodologies, and security considerations. Learn about improvising techniques, interception methods, and the implications of using different URL schemes. Gain insights into threat modeling, targeted malware, and bug bounty programs. Examine the importance of trust chains, hostname verification, and certificate handling in WebView implementations. Conclude with a summary of key takeaways, recommendations for best practices, and additional resources for further learning.

Syllabus

Intro
Demonstration
Interfaces
Testing
Improvising
Interception
File Scheme
HTTPS
Trust Chain
hostname verification
trust
targeted malware
bug bounty
URL schemes
Threat model schemes
Threat model schemes demo
Summary
Thank you
Recommendations
Extras
Cert Printing

Taught by

OWASP Foundation

Reviews

Start your review of So, You Want To Use A WebView? - Security Considerations and Best Practices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.