The Pitfalls of In-App Browsers – Frontend Masters Boost

🌈 Abstract

The article discusses the drawbacks of in-app browsers, which are web browsers embedded within native mobile apps. It covers the various issues with in-app browsers, including:

• Lack of features compared to full-featured browsers
• Privacy and security concerns due to app developers' ability to inject code and monitor user activity
• Inconsistent UI and lack of shared browsing data across devices
• Slower loading times and compatibility issues due to outdated browser internals

The article also provides strategies for detecting and handling in-app browsers, particularly on Android devices, to redirect users to the default browser instead.

🙋 Q&A

[01] Drawbacks of In-App Browsers

1. What are the key drawbacks of in-app browsers compared to full-featured browsers?

• In-app browsers lack features like bookmarking, UI controls, settings, extensions, and downloads that are available in full-featured browsers.
• App developers have control and visibility into users' in-app browsing activity, including the ability to inject code, which raises privacy and security concerns.
• The UI is inconsistent across in-app browsers, and browsing data like history and bookmarks are not shared, leading to a fragmented user experience.
• In-app browsers tend to run on outdated browser internals, causing slower loading times and compatibility issues, especially for users on slower internet connections.

2. How do the in-app browser implementations differ between iOS and Android?

• On iOS, the built-in WebView is part of the iOS WebKit and is updated independently of the OS as part of the Chrome update process.
• On Android, the default built-in WebView is based on the Blink version and may be outdated, as it is not updated as frequently as the iOS WebView.

[02] Detecting and Handling In-App Browsers

1. What tools and techniques are available for detecting and handling in-app browsers?

• The article mentions the use of the inappbrowser.com and inappdebugger.com tools to detect the presence of in-app browsers and the arbitrary JavaScript code they may inject.
• For Android, the article provides a JavaScript example using the inapp-spy library to detect if the website is being viewed in an in-app browser and then attempt to redirect the user to the default browser using an intent: link.
• For iOS, the article notes that there is no reliable way to handle in-app browsers, but a workaround is to provide manual instructions for the user to open the website in the default browser.

2. What are the limitations and drawbacks of the techniques for handling in-app browsers?

• The JavaScript-based approach for Android may be considered heavy-handed, but it is reliable for sensitive websites.
• The iOS workaround of providing manual instructions is fragile and error-prone, and relies on the user following the instructions correctly.
• Overall, the article suggests that the best solution would be for in-app browsers to disappear entirely due to the privacy, security, and user experience concerns they raise.