[CharlesW]

This class of security problem is also a great reason to never allow custom browser engines.

[smoldesu]

...why wouldn't it be possible? iOS has application sandboxing, just drop all DNS requests for the webview that's outside a developer-defined namespace. I'm sure someone at Apple could find a better way to implement it, but we shouldn't accept lame excuses like this. Apple has 200 billion dollars in cash, this is not an advanced problem space.

[happyopossum]

Then the app can use DOH, or tunnel DNS requests over something else - a non-safari browser engine wouldn’t have to use system DNS by any means…

[jamespo]

I thought non-safari browser engines were banned

[als0]

They are. This is a hypothetical discussion.

[postalrat]

How about services like luna, stadia, etc which can render any sort of interactive content (typically games)?