To clarify for non-tech folk: TL;DR, there's a silent browser war afoot -- a tug-of-war between apps and real browsers. Some apps use technology designed to show in-app content to render (unsafe) out-of-app content. This endangers privacy, but also hurts the web.https://twitter.com/tomayac/status/1105053795917225985 …
-
Show this thread
-
Replying to @slightlylate
Why don't the platforms require explicitly set cors headers in the webview to prevent loading third party sites
1 reply 0 retweets 0 likes
Replying to @benwiley4000
Because the app owns the entire netstack if it wants to. Can fetch content in the app and just `loadData()`: https://developer.android.com/reference/android/webkit/WebView.html#loadUrl(java.lang.String) …
12:25 PM - 11 Mar 2019
0 replies
0 retweets
2 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
& Web Standards TL; Blink API OWNER
Named PWAs w/
DMs open. Tweets my own; press@google.com for official comms.
: the issue is the `shouldInterceptRequest` method (