Skip to main content

Insecure Use of Dangerous Function

Why is this important?

iOS like any other programming language, has dangerous functions. If these functions are not used properly, it can have a catastrophic impact on your app.

JavaScript Injection

Option A: Use operating system APIs securely

  1. Go through the issues that GuardRails identified in the PR.
  2. Locate the dangerous function, loadHTMLString
  3. Ensure that users are not able to influence the filename or the path used to load the file, nor edit the loaded file.
  4. Test it and ensure the functionality works as expected
  5. Ship it 🚢 and relax 🌴

More information: