KojiNakamaru
commented
5 months ago This part is disabled for a release build. cf. #1017
Open SachinTichkule opened 5 months ago
KojiNakamaru
commented
5 months ago This part is disabled for a release build. cf. #1017
net.gree.unitywebview.CWebViewPlugin$4 Line 428 in net/gree/unitywebview/
Calling setWebContentsDebuggingEnabled(true) enables a global switch that allows an attached PC to eavesdrop and modify on all communication inside a WebView element. This can be used to modify the behavior of a WebView in an unintended way.
Note that not calling setWebContentsDebuggingEnabled(true) is necessary to prevent debugging, but is not sufficient. It might still be possible for an adversary to connect a debugger and use it to reverse-engineer or tamper with the app’s behaviour.