Hacker News new | past | comments | ask | show | jobs | submit login

True, but a native app can read (and inject scripts into) the DOM of any website in a WebView component within the app. The app can also read all cookies that are created from within the WebView (not cookies from Safari). Think how many apps use native "in app" webviews, e.g. reddit, facebook, etc.

Now think about login pages, oauth flows, etc...

There are lots of opportunities to slurp data from a native app.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: