iOS allows alternative browser engines in Japan
4 months ago
- #iOS
- #Browser Engines
- #Security
- iOS 26.2+ allows alternative browser engines in Japan for dedicated browser apps and in-app browsing.
- Developers must meet strict security, privacy, and functional requirements to use alternative engines.
- Security requirements include memory-safe programming, timely vulnerability fixes, and secure development practices.
- Privacy requirements mandate blocking third-party cookies by default and partitioning storage per top-level site.
- Functional requirements include passing 90% of Web Platform Tests and 80% of Test262.
- Browser engine stewards must have primary responsibility for their engine's security and privacy.
- Apps must label network connections and follow web standards for user consent on sensitive APIs.
- Developers must use modern TLS protocols (TLS 1.2 and 1.3) and maintain root certificate policies if applicable.
- Updates to embedded browser engines must be submitted within 15 days of availability.
- Resources provided include secure SDLC guidance, threat modeling, and vulnerability management.