{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,19]],"date-time":"2026-02-19T02:13:36Z","timestamp":1771467216831,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":30,"publisher":"ACM","license":[{"start":{"date-parts":[[2021,10,6]],"date-time":"2021-10-06T00:00:00Z","timestamp":1633478400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Singapore National Research Foundation under the National Satellite of Excellence in Mobile Systems Security and Cloud Security program","award":["NRF2018NCRNSOE004-0001"],"award-info":[{"award-number":["NRF2018NCRNSOE004-0001"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2021,10,6]]},"DOI":"10.1145\/3471621.3471625","type":"proceedings-article","created":{"date-parts":[[2021,10,7]],"date-time":"2021-10-07T14:50:46Z","timestamp":1633618246000},"page":"386-398","source":"Crossref","is-referenced-by-count":8,"title":["On the Usability (In)Security of In-App Browsing Interfaces in Mobile Apps"],"prefix":"10.1145","author":[{"given":"Zicheng","family":"Zhang","sequence":"first","affiliation":[{"name":"Singapore Management University, Singapore"}]}],"member":"320","published-online":{"date-parts":[[2021,10,7]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Access in 2021. WebView. http:\/\/developer.android.com\/reference\/android\/webkit\/WebView.html.  Access in 2021. WebView. http:\/\/developer.android.com\/reference\/android\/webkit\/WebView.html."},{"key":"e_1_3_2_1_2_1","unstructured":"Accessed in 2021. Chrome Custom Tabs. https:\/\/developer.chrome.com\/docs\/multidevice\/android\/customtabs\/.  Accessed in 2021. Chrome Custom Tabs. https:\/\/developer.chrome.com\/docs\/multidevice\/android\/customtabs\/."},{"key":"e_1_3_2_1_3_1","unstructured":"Accessed in 2021. Chrome Custom Tabs Implementation Guide. https:\/\/developer.chrome.com\/docs\/android\/custom-tabs\/integration-guide\/.  Accessed in 2021. Chrome Custom Tabs Implementation Guide. https:\/\/developer.chrome.com\/docs\/android\/custom-tabs\/integration-guide\/."},{"key":"e_1_3_2_1_4_1","unstructured":"Accessed in 2021. SFSafariViewController. https:\/\/developer.apple.com\/documentation\/safariservices\/sfsafariviewcontroller.  Accessed in 2021. SFSafariViewController. https:\/\/developer.apple.com\/documentation\/safariservices\/sfsafariviewcontroller."},{"key":"e_1_3_2_1_5_1","unstructured":"Accessed in 2021. UIWebView. https:\/\/developer.apple.com\/documentation\/uikit\/uiwebview.  Accessed in 2021. UIWebView. https:\/\/developer.apple.com\/documentation\/uikit\/uiwebview."},{"key":"e_1_3_2_1_6_1","unstructured":"Accessed in 2021. W3C: Web Security Context: User Interface Guidelines. http:\/\/www.w3.org\/TR\/wsc-ui\/.  Accessed in 2021. W3C: Web Security Context: User Interface Guidelines. http:\/\/www.w3.org\/TR\/wsc-ui\/."},{"key":"e_1_3_2_1_7_1","unstructured":"Accessed in 2021. WebViewClient.onPageFinished. https:\/\/developer.android.com\/reference\/android\/webkit\/WebViewClient#onReceivedSslError(android.webkit.WebView %20android.webkit.SslErrorHandler %20android.net.http.SslError)).  Accessed in 2021. WebViewClient.onPageFinished. https:\/\/developer.android.com\/reference\/android\/webkit\/WebViewClient#onReceivedSslError(android.webkit.WebView %20android.webkit.SslErrorHandler %20android.net.http.SslError))."},{"key":"e_1_3_2_1_8_1","unstructured":"Accessed in 2021. WebViewClient.onReceivedSslError. https:\/\/developer.android.com\/reference\/android\/webkit\/WebViewClient#onReceivedSslError(android.webkit.WebView %20android.webkit.SslErrorHandler %20android.net.http.SslError)).  Accessed in 2021. WebViewClient.onReceivedSslError. https:\/\/developer.android.com\/reference\/android\/webkit\/WebViewClient#onReceivedSslError(android.webkit.WebView %20android.webkit.SslErrorHandler %20android.net.http.SslError))."},{"key":"e_1_3_2_1_9_1","volume-title":"An Empirical Evaluation of Security Indicators in Mobile Web Browsers","author":"Amrutkar Chaitrali","unstructured":"Chaitrali Amrutkar , Patrick Traynor , and Paul Oorschot . 2013. An Empirical Evaluation of Security Indicators in Mobile Web Browsers . In IEEE Trans. on Mobile Computing . Chaitrali Amrutkar, Patrick Traynor, and Paul Oorschot. 2013. An Empirical Evaluation of Security Indicators in Mobile Web Browsers. In IEEE Trans. on Mobile Computing."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-33383-5_6"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/TMC.2013.90"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382205"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382204"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23323"},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2970276.2970368"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134021"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134021"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3133987"},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/2076732.2076781"},{"key":"e_1_3_2_1_20_1","unstructured":"Tongbo Luo Xing Jin Ajai Ananthanarayanan and Wenliang Du. 2013. Touchjacking Attacks on Web in Android iOS and Windows Phone. In Foundations and Practice of Security.  Tongbo Luo Xing Jin Ajai Ananthanarayanan and Wenliang Du. 2013. Touchjacking Attacks on Web in Android iOS and Windows Phone. In Foundations and Practice of Security."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"crossref","unstructured":"Claudio Rizzo Lorenzo Cavallaro and Johannes Kinder. 2018. BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews. In Research in Attacks Intrusions and Defenses.  Claudio Rizzo Lorenzo Cavallaro and Johannes Kinder. 2018. BabelView: Evaluating the Impact of Code Injection Attacks in Mobile Webviews. In Research in Attacks Intrusions and Defenses.","DOI":"10.1007\/978-3-030-00470-5_2"},{"key":"e_1_3_2_1_22_1","volume-title":"Spartan Jester: End-to-End Information Flow Control for Hybrid Android Applications. In 2017 IEEE Security and Privacy Workshops (SPW).","author":"Sexton Julian","year":"2017","unstructured":"Julian Sexton , Andrey Chudnov , and David\u00a0 A. Naumann . 2017 . Spartan Jester: End-to-End Information Flow Control for Hybrid Android Applications. In 2017 IEEE Security and Privacy Workshops (SPW). Julian Sexton, Andrey Chudnov, and David\u00a0A. Naumann. 2017. Spartan Jester: End-to-End Information Flow Control for Hybrid Android Applications. In 2017 IEEE Security and Privacy Workshops (SPW)."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2014.23205"},{"key":"e_1_3_2_1_24_1","volume-title":"Proc. ACM WWW.","author":"Steiner Thomas","year":"2018","unstructured":"Thomas Steiner . 2018 . What is in a Web View? An Analysis of Progressive Web App Features When the Means of Web Access is not a Web Browser . In Proc. ACM WWW. Thomas Steiner. 2018. What is in a Web View? An Analysis of Progressive Web App Features When the Means of Web Access is not a Web Browser. In Proc. ACM WWW."},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660357"},{"key":"e_1_3_2_1_26_1","volume-title":"\u00a0C. Chang","author":"Wu Daoyuan","year":"2014","unstructured":"Daoyuan Wu and Rocky K . \u00a0C. Chang . 2014 . Analyzing Android Browser Apps for file:\/\/ Vulnerabilities. In Proc. Springer Information Security Conference (ISC) . Daoyuan Wu and Rocky K.\u00a0C. Chang. 2014. Analyzing Android Browser Apps for file:\/\/ Vulnerabilities. In Proc. Springer Information Security Conference (ISC)."},{"key":"e_1_3_2_1_27_1","volume-title":"\u00a0C. Chang","author":"Wu Daoyuan","year":"2015","unstructured":"Daoyuan Wu and Rocky K . \u00a0C. Chang . 2015 . Indirect File Leaks in Mobile Applications. In Proc. IEEE Mobile Security Technologies (MoST) . Daoyuan Wu and Rocky K.\u00a0C. Chang. 2015. Indirect File Leaks in Mobile Applications. In Proc. IEEE Mobile Security Technologies (MoST)."},{"key":"e_1_3_2_1_28_1","volume-title":"Proc. IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN).","author":"Wu Daoyuan","unstructured":"Daoyuan Wu , Debin Gao , Robert\u00a0 H. Deng , and Rocky K . \u00a0C. Chang. 2021. When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid . In Proc. IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN). Daoyuan Wu, Debin Gao, Robert\u00a0H. Deng, and Rocky K.\u00a0C. Chang. 2021. When Program Analysis Meets Bytecode Search: Targeted and Efficient Inter-procedural Analysis of Modern Android Apps in BackDroid. In Proc. IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN)."},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1124772.1124863"},{"key":"e_1_3_2_1_30_1","volume-title":"Iframes\/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities. In 28th USENIX Security Symposium.","author":"Yang Guangliang","year":"2019","unstructured":"Guangliang Yang , Jeff Huang , and Guofei Gu . 2019 . Iframes\/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities. In 28th USENIX Security Symposium. Guangliang Yang, Jeff Huang, and Guofei Gu. 2019. Iframes\/Popups Are Dangerous in Mobile WebView: Studying and Mitigating Differential Context Vulnerabilities. In 28th USENIX Security Symposium."}],"event":{"name":"RAID '21: 24th International Symposium on Research in Attacks, Intrusions and Defenses","location":"San Sebastian Spain","acronym":"RAID '21"},"container-title":["24th International Symposium on Research in Attacks, Intrusions and Defenses"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3471621.3471625","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3471621.3471625","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T21:24:48Z","timestamp":1750195488000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3471621.3471625"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,10,6]]},"references-count":30,"alternative-id":["10.1145\/3471621.3471625","10.1145\/3471621"],"URL":"https:\/\/doi.org\/10.1145\/3471621.3471625","relation":{},"subject":[],"published":{"date-parts":[[2021,10,6]]}}}