Tuesday, 7 January 2020

How to zero out user data in memory (RAM) of WKWebView after dealloc

I would like iOS to zero out user sensitive data from memory (specifically username/password entered in html pages) of WKWebView once user is done with it.

Below project depicts the difference in memory management of WKWebView & UITextField -

https://github.com/iosappdeveloper/CleanMemoryCheck.git

  1. In case of UITextField (a native control), the system automatically zeros out memory once UITextField object is deallocated -

As a user, when I input text (e.g. tingtong) in UITextField and then as Xcode developer, I pause Xcode to locate the memory address. (notice first cstr_refs call below) However, once UITextField is deallocated (user pop out of screen), developer is not able to locate the memory for same user text. (second cstr_refs call below)

Pause and check in Xcode command line

  1. In case of WKWebView, the system does not zero out memory after WKWebView is deallocated -

As a developer, I'm able to locate the memory of user input text (i.e. username/password on google.com login) EVEN after WKWebView is deallocated (pop out of screen).

Is there any explicit API or project setting that can help me achieve the same in WKWebView managed data?



from How to zero out user data in memory (RAM) of WKWebView after dealloc

No comments:

Post a Comment