Apple’s WebKit team today has released its full “Tracking Prevention Policy.” This policy is an outline of WebKit’s tracking efforts and details what types of tracking WebKit will prevent, countermeasures, and more.
Back in 2014, the WebKit team at Apple released Speedometer, which it touted as “a benchmark for web app responsiveness.” Almost four years later, Apple today has announced Speedometer 2.0 with numerous improvements for developers…
Today, the team behind Safari’s web browser engine, WebKit, have detailed how designers should be building sites for the iPhone X. The upcoming iPhone’s sensor housing, aka “notch,” has presented new challenges for designers and developers alike. This has left some implementing creative “solutions” for the problem. Having WebKit lay out some official guidelines for the iPhone X should help web developers around the globe.
App developer Craig Hockenberry has published an article today titled “in-app browsers considered harmful” warning both devs and users of security issues related to apps that take advantage of the feature. “Would it surprise you to know that every one of those apps could eavesdrop on your typing? Even when it’s in a secure login screen with a password field?”Expand Expanding Close
Apple today has released new versions of Safari for OS X Lion/Mountain Lion and OS X Mavericks that address security and WebKit issues. The Safari 6.1.6 update for the older versions of OS X and Safari 7.0.6 update for the latest OS X are available in Software Update on the Mac App Store. Here are the release notes from Apple’s support page:
The code shows that this is a new addition for OS X 10.10 and iOS 8.
Slightly ahead of the keynote later today, Apple has pushed some of its new APIs for developers into the open-source channels. The class in question is a new view that appears to replace the current iOS and OS X WebKit implementations, which enables apps to show webpages and other content inline.
The new framework seems to indicate a focus on cross-platform API compatibility, between iOS and OS X. The leaked framework seems to be fully feature-compatible across platforms. This differs to the situation today, where developers must use the ‘WebView’ class for OS X and ‘UIWebView’ for iOS. This should help developers write more reusable code.
As usual, the annual Pwn2Own contest featured many hackers targeting the latest operating systems and browsers from the major vendors, including Apple. Threatpost reports that the “Keen Team” focused Safari on Thursday and exploited it with relative ease.
The team took home a $40,000 bounty for their efforts on Safari, as well as a share in a $75,000 prize for co-engineering a zero-day Flash exploit. They say they will donate some of their winnings towards charities representing missing Malaysian Airplane passengers.
The group say that for Safari, they used two different exploit vectors. One vulnerability was a heap overflow in WebKit that enabled arbitrary code execution. The team then used this opening to use another exploit to bypass the application sandbox and run code as if it was user privileged.
To provide a leading browser on Android and iOS, this year Opera will make a gradual transition to the WebKit engine, as well as Chromium, for most of its upcoming versions of browsers for smartphones and computers.
“The WebKit engine is already very good, and we aim to take part in making it even better. It supports the standards we care about, and it has the performance we need,” says CTO of Opera Software, Håkon Wium Lie. “It makes more sense to have our experts working with the open source communities to further improve WebKit and Chromium, rather than developing our own rendering engine further. Opera will contribute to the WebKit and Chromium projects, and we have already submitted our first set of patches: to improve multi-column layout.”
That means there are now three major browser engines: Mozilla’s, Microsoft’s, and now the WebKit engine that Apple adopted from KHTML/Konqueror. With Apple and Google (with its WebKit adaptation Chrome) dominating mobile and now tablets, it is no secret which engine is poised to dominate in the coming years. Good call, Opera.
Opera is already contributing code to WebKit and expects to start rolling out products at MWC this month. Expand Expanding Close
UPDATE [Monday, September 12, 2011 at 3:30pm ET]: Dolphin Browser HD for iPad just went live on the App Store.
Most Android users are quite familiar with the third-party Dolphin Browser app, which has been downloaded over 9 million times and according to TechCrunch just raised $10 million from Sequoia Capital. It appears some of that investment will go towards the company’s efforts on iOS devices as well, as an official iOS version of the browser has just popped up in the App Store.
The iOS version brings over the majority of features that have made Dolphin so popular among Android users. Among them is highly customizable gestures, built-in translations, dock-like sidebar for accessing bookmarks, speed dial, tabbed browsing, and more. Don’t be fooled, however, Dolphin is still based on Apple’s own WebKit, much the same as the default Safari app, all other third-party browsers on the App Store, and the majority of browsers in the smartphone industry. It does have some competitors such as Opera and a handful of smaller players like SkyFire who are starting to gain traction and steadily improving their iOS offerings. Expand Expanding Close
RIM has filed an ‘opposition action’ (viaPatently Apple) in Canada against Apple’s trademark application for ‘WebKit’, the rendering platform based on KHTML that Apple help create before making open-source. The move grants RIM more time to build their case before a November 22, 2011 deadline.
Apple originally filed the trademark application in May of 2010 which, while getting a little bit of media attention, kind of flew under the radar of most. After all, WebKit has been made open-source.. so trademark or no trademark this shouldn’t affect Google, RIM, and all other platforms currently relying on WebKit in their browsers. Right?
If Apple were granted the trademark, it would mean other companies wouldn’t be able to associate the “WebKit” name with their products. Something that could potentially become more valuable if the WebKit name was marketed more prominently as a feature of future devices. Perhaps if Apple branded “WebKit” as a feature or technology in future products, other companies inability to do so would give Apple an advantage. Apple’s trademark application asserts the company’s rights to the name based on a “screenshot of Applicant’s website [WebKit Nightly Builds page] showing use of mark in connection with download of Applicant’s software”. Expand Expanding Close
will fix the issues we’ve been hearing about with some Verizon iPad 2 models. Additionally, the new update is said to contain a fix for FaceTime in addition to security fixes for things like WebKit vulnerabilities and other minor changes.
It isn’t certain yet if this update is for Verizon iPhone 4s but that’s a bit …due as well. Expand Expanding Close
The debate about Flash on iOS devices rarely makes headlines these days, but it’s far from being over. You can see it in an increasing number of apps from third-parties that aim to solve this nasty issue once and for all. While the vast majority of solutions only tackle Flash videos, only a few iOS apps are capable of rendering other content types delivered through Flash, like games and interactive apps.