A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is
Today, there are many hybrid apps in which both native Android app UI and WebView UI are used. To protect the security and privacy of the communications, these hybrid apps all use HTTPS by WebView, a key component in modern web browser. In this paper, we show there is another type of SSL vulnerability that stems from the error-handling code in the hybrid mobile web apps. At a high level, this errorhandling code should have stopped the communication but it still proceeds regardless ofdoi:10.1145/2714576.2714583 dblp:conf/ccs/ZuoWG15 fatcat:3bim2mcpjvc4xenrnt6rbws34u