
Looks like this has already been created, back in March?

Here's their charter: https://github.com/WebView-CG/charter/blob/main/charter.md

This reminds me, back when I used to do app security, one of the issues with webviews was that some apps would hide much of the UI that users are used to seeing in browsers to make security decisions. So if an attacker could, via some vulnerability, redirect the site being viewed in the webview to one of their choosing, the user wouldn't be any the wiser.

I think it would generally be better if webviews, by default, have restricted navigation, and the developer has to deliberately whitelist domains they wish to view in it. Rather than having to write a navigation delegate or similar to implement their own whitelist, which most developers won't bother with.
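
The default-deny navigation allowlist suggested in the comment above, as an added example that is not part of the thread or of any WebView API. `ALLOWED_HOSTS`, `isNavigationAllowed`, `decide` and all sample URLs are assumptions made up for illustration; the function is meant to be called from the platform's navigation delegate, which cancels the load when it returns false.

```javascript
// Added example: default-deny navigation allowlist for an embedded WebView.
// ALLOWED_HOSTS and every URL below are constructed for illustration.
const ALLOWED_HOSTS = new Set(["login.example.com", "app.example.com"]);

// Returns true only for an https URL on the default port, without embedded
// credentials, whose host exactly matches an allowlist entry.
function isNavigationAllowed(rawUrl, allowedHosts = ALLOWED_HOSTS) {
  let url;
  try {
    url = new URL(rawUrl);
  } catch {
    return false; // unparseable input is denied, never passed through
  }
  // Only https: this rejects http:, javascript:, file:, data: and the rest.
  if (url.protocol !== "https:") return false;
  // Reject userinfo, e.g. "https://login.example.com@other.test/",
  // where the real host is other.test.
  if (url.username || url.password) return false;
  // Default port only (an explicit :443 is normalized to "" by the parser).
  if (url.port !== "") return false;
  // The parser lowercases the hostname; an exact match avoids the
  // "login.example.com.other.test" suffix trick that substring checks miss.
  return allowedHosts.has(url.hostname);
}

// Constructed sample navigations, including the redirect case from the comment.
const samples = [
  "https://login.example.com/oauth/authorize?client_id=demo",
  "https://LOGIN.EXAMPLE.COM:443/",
  "http://login.example.com/",
  "https://login.example.com.other.test/",
  "https://login.example.com@other.test/",
  "https://other.test/?next=https://login.example.com/",
  "https://login.example.com:8443/",
  "javascript:alert(1)",
  "not a url",
];

// Pairs each URL with the allow/deny decision.
function decide(urls) {
  return urls.map((u) => [u, isNavigationAllowed(u)]);
}

for (const [u, ok] of decide(samples)) {
  console.log(ok ? "ALLOW" : "DENY ", u);
}
```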




The VPN software we used was configured one day to start presenting a web view for OAuth sign-in with no announcement that this would change. The view had no navigation bar. Could not right-click and get properties. No way to verify that what was loaded was secure or valid. Whether any of that could be trusted is an additional question, but yes, some presentations of web views are terrible.


> No way to verify that what was loaded was secure or valid.

Signed software from your VPN provider isn't enough?

What type of attack, theoretical or otherwise, are you avoiding?


An OAuth request loads an external website. A network-level attacker anywhere on the path might try to send the request elsewhere.



