cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Georgiev <>
Subject Re: [Android] SecureToken/NoFrak feature addition
Date Fri, 31 Jan 2014 21:34:44 GMT
On Fri, Jan 31, 2014 at 3:27 PM, Andrew Grieve <> wrote:
> Why is loadUrl insecure? (hopefully something less horrible than
> addJsInterface pre JB... :P)

Think about the usecase where a benign website is framed by a
malicious one. Again, this is server side. The app developer can't
prevent it from happening. The framework developer must make sure that
all usecases are handled properly.

View raw message