Encapsulation is about drawing strong boundaries. In a web browser that might mean ensuring that your mobile code cannot be abused by other mobile code. On the server it might mean differentiation between validated data and unvalidated data, between one user's data and another's, or between data users are allowed to see and data that they are not.
WebMessage message = new WebMessage(WEBVIEW_MESSAGE);
webview.postWebMessage(message, Uri.parse("*"));
*
as the value of the target origin indicates that the script is sending a message to a window regardless of its origin.
o.contentWindow.postMessage(message, '*');
*
as the value of the target origin indicates that the script is sending a message to a window regardless of its origin.Unsafe-URL
might cause applications to expose sensitive site and user data (including session token, usernames and passwords) to third-party sites.Referrer-Policy
header is introduced to control browser behavior related to the referrer header. The Unsafe-URL
option removes all restrictions and sends the referrer header with every request.
<http auto-config="true">
...
<headers>
...
<referrer-policy policy="unsafe-url"/>
</headers>
</http>
Content-Security-Policy-Report-Only
header provides the capability for web application authors and administrators to monitor security policies, rather than enforce them. This header is typically used when experimenting and/or developing security policies for a site. When a policy is deemed effective, you can be enforce it by using the Content-Security-Policy
header field instead.Report-Only
mode:
<http auto-config="true">
...
<headers>
...
<content-security-policy report-only="true" policy-directives="default-src https://content.cdn.example.com" />
</headers>
</http>
Content-Security-Policy-Report-Only
header provides the capability for web application authors and administrators to monitor security policies, rather than enforce them. This header is typically used when experimenting and/or developing security policies for a site. When a policy is deemed effective, you can enforce it by using the Content-Security-Policy
header instead.Report-Only
mode:
response.content_security_policy_report_only = "*"
SLComposeServiceViewController isContentValid
to validate the untrusted data received before using it.
#import <MobileCoreServices/MobileCoreServices.h>
@interface ShareViewController : SLComposeServiceViewController
...
@end
@interface ShareViewController ()
...
@end
@implementation ShareViewController
- (void)didSelectPost {
NSExtensionItem *item = self.extensionContext.inputItems.firstObject;
NSItemProvider *itemProvider = item.attachments.firstObject;
...
// Use the received items
...
[self.extensionContext completeRequestReturningItems:@[] completionHandler:nil];
}
...
@end
SLComposeServiceViewController isContentValid
to validate the untrusted data received before using it.SLComposeServiceViewController isContentValid
callback method to validate it:
import MobileCoreServices
class ShareViewController: SLComposeServiceViewController {
...
override func didSelectPost() {
let extensionItem = extensionContext?.inputItems.first as! NSExtensionItem
let itemProvider = extensionItem.attachments?.first as! NSItemProvider
...
// Use the received items
...
self.extensionContext?.completeRequestReturningItems([], completionHandler:nil)
}
...
}
webview
uses a URL to communicate with your application, the receiving application should verify that the sender matches an allow list of applications that are expected to communicate with it. The receiving application has the option to verify the origin of the calling URL using the UIApplicationDelegate application:openURL:options:
or UIApplicationDelegate application:openURL:sourceApplication:annotation:
delegate methods.UIApplicationDelegate application:openURL:options:
delegate method fails to verify the sender of the IPC call and just processes the calling URL:
- (BOOL)application:(UIApplication *)app openURL:(NSURL *)url options:(NSDictionary<NSString *,id> *)options {
NSString *theQuery = [[url query] stringByRemovingPercentEncoding:NSUTF8StringEncoding];
NSArray *chunks = [theQuery componentsSeparatedByString:@"&"];
for (NSString* chunk in chunks) {
NSArray *keyval = [chunk componentsSeparatedByString:@"="]; NSString *key = [keyval objectAtIndex:0];
NSString *value = [keyval objectAtIndex:1];
// Do something with your key and value
}
return YES;
}
wewbview
uses a URL to communicate with your application, the receiving application should verify that the sender matches an allow list of applications that are expected to communicate with it. The receiving application has the option to verify the origin of the calling URL using the UIApplicationDelegate application:openURL:options:
or UIApplicationDelegate application:openURL:sourceApplication:annotation:
delegate methods.UIApplicationDelegate application:openURL:options:
delegate method fails to verify the sender of the IPC call and just processes the calling URL:
func application(app: UIApplication, openURL url: NSURL, options: [String : AnyObject]) -> Bool {
return processCall(url)
}
webview
uses a URL to communicate with your application, the receiving application should validate the calling URL before proceeding with further actions. The receiving application has the option to verify that it wants to open the calling URL using the UIApplicationDelegate application:didFinishLaunchingWithOptions:
or UIApplicationDelegate application:willFinishLaunchingWithOptions:
delegate methods.UIApplicationDelegate application:didFinishLaunchingWithOptions:
delegate method fails to validate the calling URL and always processes the untrusted URL:
- (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NS Dictionary *)launchOptions {
return YES;
}
webview
uses a URL to communicate with your application, the receiving application should validate the calling URL before proceeding with further actions. The receiving application has the option to verify that it wants to open the calling URL using the UIApplicationDelegate application:didFinishLaunchingWithOptions:
or UIApplicationDelegate application:willFinishLaunchingWithOptions:
delegate methods.UIApplicationDelegate application:didFinishLaunchingWithOptions:
delegate method fails to validate the calling URL and always processes the untrusted URL:
func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool {
return true
}