The best way to prevent JavaScript injection attacks

Don’t Use In-App Browsers for Anything Important

The best way to prevent JavaScript injection attacks – Both Apple and Google are doing a great job to avoid tracking several sites. Google Chrome is slowly eliminating cookies, and Apple goes further by asking users to block the monitoring of several multiple applications/sites using their emerging windows of application transparency.

However, personalized browsers in the application are out of reach. Such browsers are annoying by default, since they will not have the history, user names, passwords or exchange options for their default browsers. But while they are most commonly found in applications such as Facebook and Instagram, they are not limited to the two large target applications.

In-App Browsers for Anything

Because the applications developers codify browsers in the application, have much more freedom about what happens there. A recent study by Fastlane Felix Krause developer showed that Facebook and Instagram can basically track whatever they want when you use your browser in the application, which they use to open all ads and links by default.

READ MORE :   Add These 10 Mangets To Your App

How does the navigator follow up on the application?

Javascript injection. The study uses Instagram as an example. Instagram injects the goal monitoring code Pixel JavaScript of Meta Meta on each website that opens. It is a library designed so that websites developers track visitors in their place. Goal is injecting it on each site, without asking the website and collecting the data by themselves.

When it opens an Instagram link, the application injects the JavaScript Code (Meta Pixel) that helps application to see and record all kinds of things. They can record what you took, what image you opened, how long you spent on one page and more. Instagram then uses this information to serve more ads and to build an even clearer image of your identity.

Technically, a browser in the application can even register personal information such as passwords and credit card information when entering it in the text field, but the study does not show that Meta is doing something so nefarious. However, it is important to keep in mind that a random application with its own incorporated web browser has the capacity.

READ MORE :   10 Attractive Ways To Improve Yοur App Skills

What can you do with the browser monitoring in the application?

First, every time you open a link on Instagram, Facebook or any other application with a browser in the application, leave there. The application has already recorded that it opened the link and there are not many things you can do about it, but you can stop the follow -up there. Instagram has an option to open the website on the predetermined browser, hidden behind the menu button.

Another option is to stop using the application itself. Change to the version of the web application and will not have to deal with this problem. And if we are talking about Instagram, you will actually get a more pleasant and calm experience without reels.

That is all you can do. For the developers of the website, Felix suggests a code chain that will deceive Instagram to think that his code is already installed on the site. He also has suggestions about what Apple can do to avoid such abuse in the future.

Check Also

Expect to see on Apple Watch Series 8

Expect to see on Apple Watch Series 8/ In a few weeks, Apple is expected …

Leave a Reply

Your email address will not be published. Required fields are marked *