We very well knew about WebView to provide browsing functionality in our app so that user don't need to leave our app but do you know that some websites show lots of dialog boxes or popups, navigation, and these links, clicks or popups can harm your system. To prevent this harm google introduces Safe browsing with the help of API that tells us about unsafe web resources that host malware or unwanted software.
- Google check the requested URL against the list of unsafe URLs.
- Warn users if they click links in your site that may lead to infected pages.
Now starting from Oreo Android version Google allows their developers to secure WebView application from threat contents.
To enable safe web browsing in your app just add the line in your manifest file :
<manifest>
<application>
<meta-data android:name="android.webkit.WebView.EnableSafeBrowsing" android:value="true" />
</application>
</manifest>
SafetyNet: This service provides to check whether a URL has been marked as a known threat by Google. To implement this request and register Android API key, follow the below steps :
1. Go to Google developer console.
2. Select a project or create a new project.
3. Search for Safe browsing API and enable it.
4. Go to Credentials and enter hash key to generate API key.
Now in your main activity onResume initiate safety net:
Tasks.await(SafetyNet.getClient(this).initSafeBrowsing());
then you can check for particular URL using SafetyNet class:
SafetyNet.getClient(this).lookupUri(your_url_name,
SAFE_BROWSING_API_KEY,
SafeBrowsingThreat.TYPE_POTENTIALLY_HARMFUL_APPLICATION,
SafeBrowsingThreat.TYPE_SOCIAL_ENGINEERING)
.addOnSuccessListener(this,
new OnSuccessListener<SafetyNetApi.SafeBrowsingResponse>() {
@Override
public void onSuccess(SafetyNetApi.SafeBrowsingResponse sbResponse) {
// Indicates communication with the service was successful.
// Identify any detected threats.
if (sbResponse.getDetectedThreats().isEmpty()) {
// No threats found.
} else {
// Threats found!
}
}
})
.addOnFailureListener(this, new OnFailureListener() {
@Override
public void onFailure(@NonNull Exception e) {
// An error occurred while communicating with the service.
if (e instanceof ApiException) {
// An error with the Google Play Services API contains some
// additional details.
ApiException apiException = (ApiException) e;
Log.d(TAG, "Error: " + CommonStatusCodes
.getStatusCodeString(apiException.getStatusCode()));
// Note: If the status code, apiException.getStatusCode(),
// is SafetyNetstatusCode.SAFE_BROWSING_API_NOT_INITIALIZED,
// you need to call initSafeBrowsing(). It means either you
// haven't called initSafeBrowsing() before or that it needs
// to be called again due to an internal error.
} else {
// A different, unknown type of error occurred.
Log.d(TAG, "Error: " + e.getMessage());
}
}
});
Now if you don't want to use it in the background for a long period of time then its recommended to shut it down using:
SafetyNet.getClient(this).shutdownSafeBrowsing();
0 Comment(s)