//clicks the link and reads it in the Mlem in-app browser
Technology
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related content.
- Be excellent to each another!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, to ask if your bot can be added please contact us.
- Check for duplicates before posting, duplicates may be removed
Approved Bots
Clicks the link, and mlem opens the site in FF focus that deletes all cookies when I close it.
Mlem in app browser is using an in app browser API that is secure by design. It doesn’t allow snooping or injecting anything. This article is talking about abusive apps like Facebook that roll their own in app browser.
Edit: although on iOS, the secure iOS in app browser api is always using safari engine, so the user choice argument is still valid.
Yeah, I’m not actually too concerned about the Mlem built-in on iOS. I do try to avoid the one in Facebook/Instagram and move anything I actually want to do to my real browser. I just mainly thought it was funny in the moment.
Just yesterday I followed my email to Amazon, and Amazon to share a product via text.
Idk who had eyes on my sms message at that point, my sms app was opened IN Amazon, which was opened IN Gmail. I e. There was no process running to close JUST Amazon.I could close Gmail to close it all. That was it.
I mean the jerboa in-app browser looks suspiciously just like my firefox. This is only the case with Jerboa, I don't use any other social media.
Wait, it's not my Firefox???
There's two in-app browsers experiences in Android. Developers can either make a pretty facade to a WebView like Facebook or Instagram, that one you have the capabilities to inject JS or CSS as needed, like here. The other one is Chrome Custom Tabs, which browsers like Firefox and Chrome support, developers don't have access to your data in here
It's crazy that the in-app browser isn't an OS-level overlay that the app can't influence or look at what the user is doing in it. It would be totally feasible to implement, at least in theory.
Exact same as with the photos chooser on iOS which should really work in a way that the app never sees your entire photo library except for the photos you end up selecting, but it still being visible in the overlay, which would also allow them to get rid of that incredibly dumb permissions system it has.
It's crazy that the in-app browser isn't an OS-level overlay that the app can't influence or look at what the user is doing in it.
Android and iOS both have apis for in app browsers that are secure by design. Voyager for Lemmy uses this. Mastodon uses this. Last I checked even Twitter used this. However Facebook does not.
these platforms also offer lower level APIs to build custom interface which are more powerful and flexible (but can be abused). This isn’t necessarily a problem. Custom browser apps need that functionality, and apps sometimes display their own content with web views.
The problem is that app stores allow slapping a skin on this more powerful API and treating it like an in app browser to connect to arbitrary sites. Dumb imo. If you offer an in app browser, it should be required to use the platforms secure in app browser API.
More powerful APIs should only be available to browser apps and displaying your own content in a web view.
Oh, good to know! Can you somehow tell which is which or do they look the same?
In that case, being able to use the more powerful widget should be controlled either by what you said or even just behind a permission check the user has to acknowledge.
No you can't. Just use a main stream browser.
In my experience my default browser is always used, Firefox. And I disabled Chrome.
For anything secure I'd always open it in Firefox and never use the in app browser just in case.
Boost for Lemmy has an option to auto open in your default browser. I just wish that it was a system setting. :(
I only use in app browser with jerboa and i kinda do trust em.
The in app browser looks a lot like Firefox.