Menu
The agreement says this:
3.3.2 An Internal Use Application may not download or install executable code. Interpreted code may only be used in an Application if all scripts, code and interpreters are packaged in the Application and not downloaded. The only exception to the foregoing is scripts and code downloaded and run by Apple's built-in WebKit framework.
It particular it says ".. code downloaded .. by Webkit framework".
Does anybody know if for a native app using UIWebView this means Javascript has to be downloaded automatically by Webkit i.e. as a consequence of the user clicking on an external url link. Or if it would be acceptable for the scripts to be downloaded by creating my own HTTP connection to a server and downloading them myself - but they would be executed within Webkit (via UIWebView) ?
I presume this restriction is for security purposes, so does the security come from limiting the execution to within WebKit, as opposed to where the scripts are downloaded from?
I realize its unlikely anybody can definitively answer this except Apple, but speculate answers are very welcome.
Thanks
726
The exception that Apple is making is based upon the sandboxed nature of Webkit/UIWebView - in effect, it provides an "allowed" scriptable environment precisely because it is so well sandboxed. If you provide a UIWebView, it doesn't make any real difference if the user navigates to a site that then executes some Javascript in the browser, versus you programmatically getting some Javascript via NSURLConnection or other way, and then loading that into the UIWebView be reloading an HTML file or using "stringByEvaluatingJavaScriptFromString".
188
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
