Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Disable Google Safe Browsing in WebViews #13743

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

colleirose
Copy link

@colleirose colleirose commented Oct 23, 2024

First time contributor checklist

Contributor checklist

  • Google Pixel 8, Android 14 (GrapheneOS)
  • My contribution is fully baked and ready to be merged as is
  • I ensure that all the open issues my contribution fixes are mentioned in the commit message of my first commit using the Fixes #1234 syntax

Description

By default, Google Safe Browsing is enabled in WebView objects; see https://developer.android.com/develop/ui/views/layout/webapps/managing-webview#safe-browsing. Safe Browsing requires sending any URLs loaded in WebViews to Google to check for malicious contents. As the WebView URLs loaded are generally either Signal websites or reputable payment providers for donations, the potential security benefits of Google scanning for phishing websites do not outweigh the privacy issues of sending this information to Google.

By default, Google Safe Browsing is enabled in WebView objects; see https://developer.android.com/develop/ui/views/layout/webapps/managing-webview#safe-browsing. Safe Browsing requires sending any URLs loaded in WebViews to Google to check for malicious contents. As the WebView URLs loaded are generally either Signal websites or reputable payment providers for donations, the potential security benefits of Google scanning for phishing websites outweigh the privacy issues of sending this information to Google.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

1 participant