WebKit Stories January 15
WebKit Stories September 22, 2017
Today, the team behind Safari’s web browser engine, WebKit, have detailed how designers should be building sites for the iPhone X. The upcoming iPhone’s sensor housing, aka “notch,” has presented new challenges for designers and developers alike. This has left some implementing creative “solutions” for the problem. Having WebKit lay out some official guidelines for the iPhone X should help web developers around the globe.
WebKit Stories September 24, 2014
App developer Craig Hockenberry has published an article today titled “in-app browsers considered harmful” warning both devs and users of security issues related to apps that take advantage of the feature. “Would it surprise you to know that every one of those apps could eavesdrop on your typing? Even when it’s in a secure login screen with a password field?” expand full story
WebKit Stories August 13, 2014
Apple today has released new versions of Safari for OS X Lion/Mountain Lion and OS X Mavericks that address security and WebKit issues. The Safari 6.1.6 update for the older versions of OS X and Safari 7.0.6 update for the latest OS X are available in Software Update on the Mac App Store. Here are the release notes from Apple’s support page:
WebKit Stories June 2, 2014
Slightly ahead of the keynote later today, Apple has pushed some of its new APIs for developers into the open-source channels. The class in question is a new view that appears to replace the current iOS and OS X WebKit implementations, which enables apps to show webpages and other content inline.
The new framework seems to indicate a focus on cross-platform API compatibility, between iOS and OS X. The leaked framework seems to be fully feature-compatible across platforms. This differs to the situation today, where developers must use the ‘WebView’ class for OS X and ‘UIWebView’ for iOS. This should help developers write more reusable code.
WebKit Stories March 14, 2014
The team took home a $40,000 bounty for their efforts on Safari, as well as a share in a $75,000 prize for co-engineering a zero-day Flash exploit. They say they will donate some of their winnings towards charities representing missing Malaysian Airplane passengers.
The group say that for Safari, they used two different exploit vectors. One vulnerability was a heap overflow in WebKit that enabled arbitrary code execution. The team then used this opening to use another exploit to bypass the application sandbox and run code as if it was user privileged.