CodeAnt AI home pagelight logodark logo
  • Dashboard
  • Dashboard
  • Documentation
  • Demo Call with CEO
  • Blog
  • Slack
    • Get Started
    • CodeAnt AI
    • Setup
    • Control Center
    • Pull Request Review
    • IDE
    • Compliance
    • Anti-Patterns
    • Code Governance
    • Infrastructure Security Database
    • Application Security Database
      • Apex
      • Bash
      • C
      • Clojure
      • Cpp
      • Csharp
      • Dockerfile
      • Elixir
      • Fingerprints
      • Generic
      • Go
      • Html
      • Java
      • Javascript
      • Json
      • Kotlin
      • Ocaml
      • Php
      • Problem-based-packs
      • Python
      • Ruby
      • Rust
      • Scala
      • Solidity
      • Swift
        • Biometrics-and-auth
        • Commoncrypto
        • Cryptoswift
        • Insecure-communication
        • Lang
        • Pathtraversal
        • Sql
        • Sqllite
        • Webview
        • Webview
          • Webview-allow-js
          • Webview-baseurl
          • Webview-evaluatejavascript-xss
          • Webview-fileaccess
          • Webview-fraudulent
          • Webview-https
            • Swift webview config https upgrade
          • Webview-loadhtmlstring-xss
          • Webview-permission-readaccess
          • Webview-universal-fileaccess
      • Terraform
      • Typescript
      • Yaml
    Webview-https

    Swift webview config https upgrade

    swift-webview-config-https-upgrade

    Webviews were observed that do not enable the upgradeKnownHostsToHTTPS feature. This feature will ensure accidental HTTP connections are automatically upgraded to HTTPS, avoiding potential data leakage over the network.
    Likelihood: LOW
    Confidence: HIGH
    CWE:
    - CWE-272: Least Privilege Violation

    Swift webview config fraudulent site warningSwift webview xss
    twitterlinkedin
    Powered by Mintlify
    Assistant
    Responses are generated using AI and may contain mistakes.