MASTG-TEST-0331: Use of Deprecated WebView APIs

Overview

In this test, we look for references to UIWebView ( WebViews), a deprecated component since iOS 12.0, in favor of WKWebView. UIWebView presents security and performance risks: it does not allow JavaScript to be fully disabled, lacks process isolation (which WKWebView provides), and doesn't support modern web security features like Content Security Policy (CSP).

Steps

1. Extract the app as described in Exploring the App Package.
2. Look for references to UIWebView in the app using Extracting Information from the Application Binary on all executables and libraries.

Observation

The output should contain a list of locations where UIWebViews are used.

Evaluation

The test case fails if any use of UIWebView is found in the app.

Best Practices

MASTG-BEST-0032: Migrate from UIWebView to WKWebView

Demos

MASTG-DEMO-0094: Use of the Deprecated UIWebView