How to enable Safe Browsing in WebView

No more untrusted content in WebViews

An example view of Android WebView at work with safe browsing enabled

Starting with Android O, Google allows developers to secure webviews in their apps from untrusted external content by separating WebView renderer process from the host application.

This allows the host app to stay away from crashes in renderer process as well as exploit attempts made through malicious content. The renderer process running in its separate process is given a limited set of resources to use, like it can’t do disk write or connect to network on its own limiting the idea of malware attack.

To configure safe browsing, you need to add a new meta data in your app’s manifest. Keep in mind, the meta data must be put inside the application tag. The meta tag must hold the android name,

android.webkit.WebView.EnableSafeBrowsing

and to activate it, the value must be set to true. The following example does the same,

All we need to do is add a meta-data to our app manifest.

One more thing. Safe Browsing isn’t Android O exclusive and can be activated for devices running Android Lollipop and above too owing to the fact that Google decided to distribute WebView as a separate app starting Android 5.0.