How to do local services safely
How to do local services safely
Posted Jun 11, 2025 17:44 UTC (Wed) by notriddle (subscriber, #130608)In reply to: How to do local services safely by koverstreet
Parent article: Covert web-to-app tracking via localhost on Android
And, in this case, it doesn't seem necessary. Instead of having the website ask permission to talk to the app, the app should ask permission to provide services to websites. That makes it a lot easier to build the feature in a fine-grained, legible way, because the storefront can refuse to ship an app if it breaks when the user says "No", can allow an app to expose services only to certain top-level origins (and make the warning a lot more obnoxious if an app wants to provide a service to every domain on the web), and can track historical changes to the policy for all distributed versions of the app (no gaslighting people by doing the attack on a random 1% of the population).
That's already how it works if an app wants to replace a website wholesale[^1]. They should just extend it to do the same thing with apps that want to provide services to a website without replacing it.