{"id":10564,"date":"2014-05-30T12:19:05","date_gmt":"2014-05-30T10:19:05","guid":{"rendered":"https:\/\/www.corelan.be\/?p=10564"},"modified":"2026-03-23T07:16:36","modified_gmt":"2026-03-23T06:16:36","slug":"hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers","status":"publish","type":"post","link":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/","title":{"rendered":"HITB2014AMS - Day 2 - Exploring and Exploiting iOS Web Browsers"},"content":{"rendered":"<h4><span style=\"font-size: 1em;\">iOS Browsers &amp; UIWebView<\/span><\/h4>\n<p>iOS is very popular (according to StatCounter, it's the 3rd most popular platform used). \u00a0Mobile browsers take about 20% to 25% of the market share. iOS offers integration with desktop browsers and cloud (so the same data is available to an attacker). \u00a0Many 3rd party iOS browsers have similar weaknesses which are still copied to new browsers... and iOS is adopted by certain bug bounties \ud83d\ude42<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"display: block; margin-left: auto; margin-right: auto;\" title=\"DSC_0582.jpg\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg\" alt=\"DSC 0582\" width=\"600\" height=\"400\" border=\"0\" \/><\/p>\n<p>The default iOS browser is Mobile Safari. According to the iOS App Store Review Guidelines, \"2.17 apps that browse the web must use the iOS WebKit Framework and WebKit Javascript\". \u00a0Of course, Mobile Safari is not the only browser available in the Apple Store; some of them are also used on desktops.<\/p>\n<p>Browsers are built using UIWebView, which is a component that allows you to include web content inside an application. The key differences between UIWebView and the native Mobile Safari are focused around the UI. \u00a0They both use WebKit at the core, but the native browser uses Viewport instead of UIWebView.
\u00a0The UIWebView API is quite simple and straightforward. It allows you to get remote files\/html strings\/binary data and you can program some basic navigation functions (goBack, goForward, stopLoading, reload). \u00a0The stringByEvaluatingJavaScriptFromString function allows you to execute JavaScript from a string, and it will have the same privileges as the page it was taken from (request.mainDocumentURL). \u00a0The remote webserver can block the execution of JavaScript by using a Content-Security-Policy (CSP). \u00a0JavaScript is used to implement browser features and to override native functions to bridge them with Objective-C code to, for instance, implement multiple tabs. \u00a0Finally, the UIWebViewDelegate API allows you to respond to certain events in the loaded documents.\u00a0<\/p>\n<p>The presenters explain that their research was primarily focused on the behaviour around multiple tabs, address bar, autocomplete &amp; password manager, downloads, support for untrusted SSL certificates and other features (safety ratings, malware protection, cloud integration). They explain that they were inspired by the \"Browser Security Handbook\" (http:\/\/browsersec.googlecode.com), which offers a set of testcases that you can run on your browser. \u00a0(see <a href=\"https:\/\/web.archive.org\/web\/20151226211408\/http:\/\/browsersec.googlecode.com\/files\/browser_tests-1.03.tar.gz\">http:\/\/browsersec.googlecode.com\/files\/browser_tests-1.03.tar.gz<\/a>). \u00a0 Additionally, they performed black-box testing from a web perspective, review of JavaScript code and a bit of reversing\/debugging. \u00a0 They prepared some cross-browser test cases and made them available at <a href=\"https:\/\/ios.browsr-tests.com\">https:\/\/ios.browsr-tests.com<\/a><\/p>\n<p>Furthermore, they also retested some previous Mobile Safari bugs (CVE-2011-3426 etc), and they discovered that some of the fixes were incomplete.
\u00a0<\/p>\n<h4>UXSS (Universal XSS)<\/h4>\n<p>In UXSS, Lukasz says, the attacker exploits a vulnerability in the browser. \u00a0When some bugs are reported, the browser developers typically respond with \"WebKit should handle same-origin policy, right\", blaming iOS. They discovered that this is not always a correct assumption\/reaction. \u00a0Often people just focus on functionality instead of taking security into account. \u00a0CVE-2013-6893, CVE-2013-7197 and CVE-2012-2899 are a few examples of UXSS bugs in various browsers (Mercury, Yandex, Google). In most cases, the issues were caused by the fact that the browser supports the use of multiple tabs and that you can specify what to show\/execute\/... in the child window\/tab. \u00a0On iOS, WebKit doesn't really have multiple tabs, which means the browser developers need to implement all of the required features and functionality themselves. \u00a0The techniques used are quite safe on desktop browsers, but that is not the case on iOS browsers. \u00a0 \u00a0A parent window\/tab uses the native UIWebView Same-Origin Policy, they explain. \u00a0To create a new tab, a \"bridge\" in Objective-C must be used, and the developer needs to remember to also update the address bar and other UI elements. \u00a0To do all of that, a custom Same-Origin Policy is needed. \u00a0The final child window\/tab uses the native SOP again. \u00a0<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"display: block; margin-left: auto; margin-right: auto;\" title=\"DSC_0583.jpg\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0583.jpg\" alt=\"DSC 0583\" width=\"600\" height=\"400\" border=\"0\" \/><\/p>\n<p>Additionally, since mobile browsers don't really have a native way of downloading files, they usually load the file and then write it using the local file:\/\/ origin. In some cases, files (via Content-Disposition: attachment) are displayed in the origin of the hosting site.
\u00a0A new \"isolated attachment origin\" was implemented in iOS 5+, but it doesn't fix all problems. \u00a0Playing with the Content-Type also yielded some interesting results. \u00a0text\/plain could be executed as HTML (&lt; iOS 7, now fixed), application\/octet-stream could be executed as HTML as well, and opening a page with application\/other will trigger Mobile Safari to ask you what app to use to open the file (and potentially gain local cross-origin privileges). \u00a0In any case, if you're able to execute JS, breaking the Same-Origin Policy, you could steal cookies, access internal websites, etc. \u00a0Stealing passwords, they explain, is not that easy. \u00a0 \u00a0To handle local HTML files in a proper way, developers should open the files as text\/plain, apply a Content-Security-Policy header, use an HTML5 sandbox, or use Quick Look instead of UIWebView (because Quick Look doesn't support JavaScript).<\/p>\n<p>From an attack perspective, to exploit a UXSS, your chances of success will increase if you're also able to spoof the address bar. \u00a0In fact, sometimes you don't even need a UXSS bug, just being able to spoof the address bar is sufficient. \u00a0Also, you can't really use frames and you can usually only attack the parent\/top window of the mobile browser, you can't really hide windows under another one... \u00a0so the success of the UXSS bug may be relatively limited.<\/p>\n<h4>ABS (Address Bar Spoofing)<\/h4>\n<p>Marek explains that the address bar is a part of the browser that is programmed by the developers of the mobile browser. It's not part of the UIWebView. \u00a0The ability to change the content of the website without updating the address bar is clearly a bad thing. \u00a0One possible way to do this is to use a timeout function that will update the content of the current page. \u00a0 The \"Init &amp; Interrupt\" technique is another way to achieve ABS.
\u00a0Instead of waiting for a page to be loaded, your code would interrupt the load and load something else. \u00a0You can also tell the browser to fall back to a certain page. \u00a0 Bugs were found in Kaspersky Safe Browser and F-Secure Safe browse. \u00a0In some cases, the browser would even keep the green \"certificate is ok\" icon, even if you're loading a page using a self-signed certificate. \u00a0<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" style=\"display: block; margin-left: auto; margin-right: auto;\" title=\"DSC_0580.jpg\" src=\"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0580.jpg\" alt=\"DSC 0580\" width=\"600\" height=\"400\" border=\"0\" \/><\/p>\n<p>Some browsers were vulnerable to the scenario that involves loading an invalid page first and then redirecting to the final phishing page, without updating the address bar. \u00a0 Loading pages in a loop and first connecting to a port that is not listening, before connecting to the actual page\/port, might also allow you to control the URL in the address bar (because the port is often not displayed).<\/p>\n<p>To fix these issues, it's important to display the URL that is currently loaded within UIWebView, not the one you think will be there. Also, update the address bar on each event, including webView::didFailLoadWithError. \u00a0Finally, displaying the SSL lock only makes sense once there has been an actual successful and valid SSL connection, not before.\u00a0<\/p>\n<h4>Other common weaknesses<\/h4>\n<p>They also looked at some other vulnerabilities, including URI schemes (affecting downloads, sending unauthenticated tweets and bypassing popup blockers) and URL handling (format string memory corruption bug in Mobile Safari allowing you to leak contents from the stack, or even accessing the server filesystem when using proxy-rendering).<\/p>\n<p>Password manager functionality is also implemented by the web browser developers.
\u00a0In one scenario (Kaspersky Safe Browser), the researchers were able to steal passwords from the password manager using a MITM vulnerability (by inserting a hidden frame that automatically receives the username\/password). \u00a0The address bar will get updated very briefly (unless you combine this with an ABS), but the demonstrated attack was successful.<\/p>\n<p>Finally, the way SSL is handled is important. \u00a0By default, invalid certificates for iOS UIWebView https requests are rejected without user interaction. \u00a0With certain bugs, this behaviour can be changed (so the user would accept a self-signed certificate). \u00a0Opera Coast 3.0 was one of the browsers that was vulnerable to a simple MITM attack.<\/p>\n<p>\u00a0<\/p>\n<hr \/>\n<h3>About the speakers<\/h3>\n<p><strong>Lukasz Pilorz<\/strong> \u2013 previously an application security specialist in an international e-commerce platform, he now works as a penetration tester in one of the largest British banks. Regular speaker at OWASP Poland meetings and initiator of their branch in Poznan. His career in web security started in 2006 on sla.ckers.org.<\/p>\n<p><strong>Marek Zmyslowski <\/strong>has many years of experience in penetration testing, including banking systems and electronic banking in several Polish banks and financial institutions. Currently he is testing internal systems in one of the largest banks in the world as a Lead Penetration Testing Specialist. The holder of the OSCP and OSCE certificates from Offensive Security. He is also OWASP Poland Board Member. Marek graduated from the Faculty of Electronics and Information Technology in Warsaw\u2019s University of Technology.<\/p>\n<hr \/>\n","protected":false},"excerpt":{"rendered":"<p>iOS Browsers &amp; UIWebview iOS is very popular (according to StatCounter, it's the 3rd most popular platform used). \u00a0Mobile browsers take about 20% to 25% of the market share.
iOS offers integration with desktop browsers and cloud (so the same data is available to an attacker). \u00a0Many 3rd party IOS browsers have similar weaknesses which &hellip; <a href=\"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> \"HITB2014AMS - Day 2 - Exploring and Exploiting iOS Web Browsers\"<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[2250],"tags":[3783,2775,1007],"class_list":["post-10564","post","type-post","status-publish","format-standard","hentry","category-cons-seminars","tag-conference","tag-hitb","tag-ios"],"yoast_head_json":{"title":"Ios Web Browsers: Exploring and Exploiting iOS WebViews","description":"Discover how iOS Web Browsers and UIWebView handle web content, CSP protections, and related security implications. Read actionable insights now.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/","og_locale":"en_US","og_type":"article","og_title":"Ios Web Browsers: Exploring iOS WebViews Security","og_description":"Uncover security insights on iOS Web Browsers and UIWebView usage. Learn practical findings today.","og_url":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/","og_site_name":"Corelan | Exploit Development &amp; Vulnerability Research","article_publisher":"https:\/\/www.facebook.com\/corelanconsulting","article_published_time":"2014-05-30T10:19:05+00:00","article_modified_time":"2026-03-23T06:16:36+00:00","og_image":[{"url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg","type":"","width":"","height":""}],"author":"corelanc0d3r","twitter_card":"summary_large_image","twitter_title":"Ios Web Browsers \u2013 iOS WebViews Security Analysis","twitter_description":"Explore security implications in iOS browsers and UIWebView usage with practical
findings.","twitter_creator":"@corelanc0d3r","twitter_site":"@corelanc0d3r","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"TechArticle","@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#article","isPartOf":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/"},"author":{"name":"corelanc0d3r","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f"},"headline":"HITB2014AMS - Day 2 - Exploring and Exploiting iOS Web Browsers","datePublished":"2014-05-30T10:19:05+00:00","dateModified":"2026-03-23T06:16:36+00:00","mainEntityOfPage":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/"},"wordCount":1464,"publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"image":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg","keywords":["conference","hitb","ios"],"articleSection":["Cons and Seminars"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/","url":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/","name":"Ios Web Browsers: Exploring and Exploiting iOS 
WebViews","isPartOf":{"@id":"https:\/\/www.corelan.be\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#primaryimage"},"image":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#primaryimage"},"thumbnailUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg","datePublished":"2014-05-30T10:19:05+00:00","dateModified":"2026-03-23T06:16:36+00:00","description":"Discover how iOS Web Browsers and UIWebView handle web content, CSP protections, and related security implications. Read actionable insights now.","breadcrumb":{"@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#primaryimage","url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg","contentUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2014\/05\/DSC_0582.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.corelan.be\/index.php\/2014\/05\/30\/hitb2014ams-day-2-exploring-and-exploiting-ios-web-browsers\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.corelan.be\/"},{"@type":"ListItem","position":2,"name":"HITB2014AMS - Day 2 - Exploring and Exploiting iOS Web Browsers"}]},{"@type":"WebSite","@id":"https:\/\/www.corelan.be\/#website","url":"https:\/\/www.corelan.be\/","name":"Corelan CyberSecurity Research","description":"Corelan publishes in-depth tutorials on exploit development, Windows exploitation, 
vulnerability research, heap internals, reverse engineering and security tooling used by professionals worldwide.","publisher":{"@id":"https:\/\/www.corelan.be\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.corelan.be\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.corelan.be\/#organization","name":"Corelan CyberSecurity Research","url":"https:\/\/www.corelan.be\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/","url":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","contentUrl":"https:\/\/www.corelan.be\/wp-content\/uploads\/2026\/03\/corelanlogo2_small-20.png","width":200,"height":200,"caption":"Corelan CyberSecurity Research"},"image":{"@id":"https:\/\/www.corelan.be\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/corelanconsulting","https:\/\/x.com\/corelanc0d3r","https:\/\/x.com\/corelanconsulting","https:\/\/instagram.com\/corelanconsult"]},{"@type":"Person","@id":"https:\/\/www.corelan.be\/#\/schema\/person\/3be5542b9b0a0787893db83a5ad68e8f","name":"corelanc0d3r","pronouns":"he\/him","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","url":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/3783bed6acd72d7fa5bb2387d88acbb9a3403e7cada60b2037e1cbb74ad451f9?s=96&d=mm&r=x","caption":"corelanc0d3r"},"description":"Peter Van Eeckhoutte is the founder of Corelan and a globally recognized expert in exploit development and vulnerability research. 
With over two decades in IT security, he built Corelan into a respected platform for deep technical research, hands-on training, and knowledge sharing. Known for his influential exploit development tutorials, tools, and real-world training, Peter combines a strong research mindset with a passion for education\u2014helping security professionals understand not just how exploits work, but why.","sameAs":["https:\/\/www.corelan-training.com","https:\/\/instagram.com\/corelanc0d3r","https:\/\/www.linkedin.com\/in\/petervaneeckhoutte\/","https:\/\/x.com\/corelanc0d3r"],"url":"https:\/\/www.corelan.be\/index.php\/author\/admin0\/"}]}},"views":6753,"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/10564","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/comments?post=10564"}],"version-history":[{"count":1,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/10564\/revisions"}],"predecessor-version":[{"id":17832,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/posts\/10564\/revisions\/17832"}],"wp:attachment":[{"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/media?parent=10564"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/categories?post=10564"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.corelan.be\/index.php\/wp-json\/wp\/v2\/tags?post=10564"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}