HTML5-based mobile apps become more and more popular,
mostly because they are much easier to be ported across
different mobile platforms than native apps. HTML5-based
apps are implemented using the standard web technologies,
including HTML5, JavaScript and CSS; they depend on some
middlewares, such as PhoneGap, to interact with the underlying
OS.
Knowing that JavaScript is subject to code injection attacks
we have conducted a systematic study on HTML5-
based mobile apps, trying to evaluate whether it is safe to
rely on the web technologies for mobile app development.
Our discoveries are quite surprising.
read more......http://www.cis.syr.edu/~wedu/Research/paper/xds_attack.pdf
mostly because they are much easier to be ported across
different mobile platforms than native apps. HTML5-based
apps are implemented using the standard web technologies,
including HTML5, JavaScript and CSS; they depend on some
middlewares, such as PhoneGap, to interact with the underlying
OS.
Knowing that JavaScript is subject to code injection attacks
we have conducted a systematic study on HTML5-
based mobile apps, trying to evaluate whether it is safe to
rely on the web technologies for mobile app development.
Our discoveries are quite surprising.
read more......http://www.cis.syr.edu/~wedu/Research/paper/xds_attack.pdf