Closed romualdszkudlarek closed 6 years ago
No
Sent from a mobile device with autocomplete.
Op 16 jun. 2017 07:10 schreef "Sven" notifications@github.com:
@commjoen https://github.com/commjoen Are you working on this now?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/OWASP/owasp-mstg/issues/380#issuecomment-308941949, or mute the thread https://github.com/notifications/unsubscribe-auth/ABY8PtIqAbA7PSGRfDfTfHC0fbudUQ68ks5sEhw8gaJpZM4Mqq9l .
@xep624 Can you already share a draft or when do you think it will be ready? Thanks
This test case doesn't make much sense for iOS. Closed it. https://github.com/OWASP/owasp-mstg/blob/master/Document/0x06h-Testing-Platform-Interaction.md#testing-whether-java-objects-are-exposed-through-webviews
Looks like its "Javascript" not the Java.
I closed it as there are no Java objects in iOS. But you are right it's about JavaScript accessing functions in iOS, which is of course possible (https://developer.apple.com/library/content/documentation/AppleApplications/Conceptual/SafariJSProgTopics/ObjCFromJavaScript.html). Thanks for your comment.
The actual problem is, that the MASVS requirement is not generic enough. Will make a PR for it.
I'll do this section next week (I'll start on 3rd July)
Great. Thanks Pawel
I see that this point is removed from TO DOs from the file 0x06h-Testing-Platform-Interaction.md. Should I just add it?
You can add it to "Exposing Native Objects to WebViews" https://github.com/OWASP/owasp-mstg/blob/master/Document/0x06h-Testing-Platform-Interaction.md#exposing-native-objects-to-webviews
@commjoen Are you working on this now?