Connect with us


Shows JavaScript commands injected by an in-app browser



Shows JavaScript commands injected by an in-app browser

We recently covered this: Developer Felix Krause discovered that apps like Facebook and Instagram can record your interactions with websites when using the in-app browser. The trick here is that the Instagram app, for example, inserts its tracking code into every website visited, even when ads are clicked, so that all user interactions can be monitored.

although a Krause further researched and started a project called, which checks which JavaScript commands are executed when the page is accessed in the iOS app’s in-browser.

And according to Krause, TikTok’s custom in-app browser on iOS injects JavaScript code into external websites that allows TikTok to monitor “every input” while a user interacts with a particular website. “From a technical point of view, this is equivalent to installing a keylogger on third-party websites.” says Krause in reference to TikTok’s JavaScript code.

He added that “just because an app injects JavaScript into external websites doesn’t mean the app is doing anything maliciousIn a statement obtained by Forbes, a TikTok spokesperson confirmed the JavaScript code in question, but said it was only used for troubleshooting, troubleshooting and performance monitoring.

This article contains affiliate links, so we mark it as advertisement. By clicking on it, you will directly access the supplier. If you decide to make a purchase there, we will receive a small commission. Nothing changes in the price for you. Thank you for your support!

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *