Do i need to select YES to unrestricted Web Access if i use a WKWebView that ONLY allows one website to be displayed to the user? I have set up that they can't browse another website than one I decided.
No, then you don't need to click this setting, I've created an app that can access all websites even http and I've selected this, the app got a high age rating but got approved.
Be sure that the user cannot hop from that one site to others like if it were a search engine.
Related
We have an Google client App which we are using in production currently and now we need to add a new scope(https://www.googleapis.com/auth/gmail.send) to it which is a sensitive one. For this we need to apply for verification and I am confused with the steps to do it.
The documentation says:
Show that the OAuth Consent Screen correctly displays the App Name.
Show that the URL bar of the OAuth Consent Screen correctly includes your app’s Client ID.
If my App is currently in production how can I add a sensitive scope to it and create a video?
Is there any way to create a video without taking my App off production in this scenario?
I went through this and this but didn't get the proper info for this scenario. But I feel this is very generic case and most of the organisations would have faced this.
If my App is currently in production how can I add a sensitive scope to it and create a video? Is there any way to create a video without taking my App off production in this scenario?
Your going to have to add the new scope to your project on Google cloud console, and then create the video showing your application using the sensitive scope as instructed.
make sure your browser window is sent to english
run your application and show the consent screen where it displays the scopes
and make sure to get a shot of the URL bar where your client id is displayed in the url.
Unfortunately this will probably knock your project out of verification and impact the fact that your application is currently running in production. As far as i know Google does not have any guidelines to existing verified in production applications requesting additional scopes.
If your issue is with development google recommends having a second project that you can use in the testing stage to develop on your application and then move to the new client when you are ready to go to production. This does not however answer how to request additional scopes without breaking your production client.
I am going to contact Google directly for some advice. I will let you know if i hear anything.
I’m working on an app that will be deployed to a fleet of corporate Windows laptops that are bound to Active Directory. Part of the app would need to allow the user to access the company's intranet URL. Would it be at all to automatically authenticate that user for their intranet without forcing another login? They've already logged into their AD account when logging into the laptop so I want to avoid it if possible. I've searched and haven't been able to find any information that covers this case.
Depending on your security strictness, the username package could be a good fit for you.
I just want to know if you think it's possible to get credentials from safari cookie to log someone directly in web view in my app.
I have a "linkedin connect" way to connect into my app.
For the moment, if you have the Linkedin application installed on your device, you could connect in one click. But if you don't have it locally, I opened a webview on linkedin to ask you if you are ok to give us access to your information to create your profile. But currently the user has to re-enter their email and password manually since they don't benefit from the browser's login data.
I would like to fill the field or connect directly the user if he was connected in safari, Do you think it's possible, if yes, what can I used to do this?
Thank you!
NO, thats not possible. Safari is different app than your app and hence web view is safari don't share anything with web view with your app until it has extension to share.bjects of UIWebView class and Safari or other browsers are different and sandboxed. You can check here (official documentation.)
What you want with Linked in is possible with Facebook -- because face book login authentication method provides way to share data between apps -- But in Linkedin there is no similar way.
As given in the answer here, Safari and UIWebview don't seem to share cookies as they are sand boxed from one another.
Recent policy changes with iTunes Connect mean that any application which gives "unrestricted" access to the internet (via UIWebView) must have a 17+ rating.
I have such a feature in my app, but it is a very non-critical feature. Rather than removing it all together, I wondered if there is a way to have an age protection around these features to avoid needing the 17+ rating.
For example: could I require Facebook login and check the user's age?
Has anybody had success with techniques like this?
I've had to use UIWebView in an app before and the best way around it is to restrict it to what it can do. Do you need to give the users wide access to the web or just your site? I simply made a little 10 minute mobile port and mapped it so there was no external site access.
I doubt a Facebook login would satisfy Apple but unrestricted means giving the UIWebView full access to the web by putting in a URL bar or a search box to Google.
I have an intranet site for change control management system. Approval workflow is associated with the list. On new request creation or editing any item, approval workflow task is created and mail notifications are sending to the concerned person. Now approving manager login to the portal and approve the task.
Now they are asking to enable mobile access of those pending task and approve the same from mobile. How do I achieve this?
They DO NOT want to expose this site to internet or extranet.
Every list in Sharepoint 2007 has a Mobile View. It is optimized to be viewed on small cell phones and such.
You can edit any view and see the mobile URL in the bottom - see an example of mobile views here: SharePoint on your Phone!.
Regarding your question: You can share the mobile URL to the task list of your workflow and managers (or whomever) can edit list items and therefore approve or reject your items. However you said "DO NOT expose the site to the intranet or extranet".
That is not possible. If you have your managers connect to your intranet via VPN or something similar you don't have to expose the list to the intranet.
Or have I misunderstood your wanted usage of "mobile"? How would you want external managers, using an external cell phone with external internet (UMTS, WAP, WiFi) accessing your internal site?