|
|
|
|
|
|
by bacan
1405 days ago
|
|
|
In-App browsers have always been a security nightmare. Similar issues exist with Electron apps as well. But developers continue to use them as HTML + CSS + JS is the easiest way to develop a graphical dynamic UI, for a newbie. Many schools & colleges even teach basic HTML, CSS & JS, so the barrier to entry is very low. I am not sure what a good solution here would be, but maybe we could start by limiting access. Or another way could be to have some way to convert the rendered UI to compiled binary code |
|
|
I never made the connection until you brought it up, but yes, Electron apps are just like using Webkit on iOS. Abstracting UI/UX to a browser engine which has identical security pitfalls to a browser but with far less control and inspection capability.