Skip to main content

Insecure Use of Language/Framework API

Why is this important?

iOS, like any other programming language, is constantly evolving and is deprecating or banning APIs to ensure a safer ecosystem.

Option A: Fixing Deprecated/Banned APIs

  1. Go through the issues that GuardRails identified in the PR

  2. Look for the following patterns and replace them with secure alternatives:

    Banned/DeprecatedPreferred
    SFSafariViewControllerWKWebView
    UIWebViewWKWebView
    strcatstrlcat
    strcpystrlcpy
    strncatstrlcat
    strncpystrlcpy
    sprintfasprintf
    vsprintfvasprintf
    getsfgets
  3. Test it and ensure the functionality works as expected

  4. Ship it 🚢 and relax 🌴

More information