Launching a new Chromium-based WebView for Android

Our in-app browser for Facebook on Android has historically relied on an Android System WebView based on Chromium, the open source project that powers many browsers on Android and other operating s…

Nate Schloss
6 min readbeginner
--
View Original

Overview

The article discusses the development and rollout of a new Chromium-based WebView for the Facebook app on Android, aimed at improving security, stability, and performance. It highlights the challenges faced with the existing Android System WebView and outlines how the new WebView addresses these issues while maintaining user experience.

What You'll Learn

1

How to ensure your app uses the latest Chromium security patches

2

Why using a custom WebView can improve app stability

3

How to enhance rendering performance in mobile applications

Key Questions Answered

How does the new Chromium-based WebView improve security for Facebook users?
The new Chromium-based WebView allows Facebook to bundle updates alongside app updates, ensuring users receive the latest security patches. This mitigates risks associated with outdated WebView components, which may be vulnerable to exploits.
What stability improvements does the new WebView provide?
The new WebView runs independently from the System WebView, preventing crashes during updates. This isolation means that one app's use of the WebView does not affect others, enhancing overall app stability and user experience.
How does the new WebView enhance performance compared to the System WebView?
The new WebView utilizes a separate GPU process for rendering, allowing it to run asynchronously and improve rendering performance. This contrasts with the System WebView, which must run synchronously with Android's widget layout, limiting its efficiency.
What are the implications of using a custom WebView for Facebook's app?
Using a custom WebView allows Facebook to control updates and performance optimizations directly, reducing dependency on the Android System WebView. This leads to a more consistent user experience and quicker response to security vulnerabilities.

Technologies & Tools

Web Engine
Chromium
Used as the basis for the new WebView to improve security and performance.

Key Actionable Insights

1
Implement a custom WebView in your Android app to enhance security and performance.
By using a custom WebView, you can ensure that your app receives timely updates and security patches, reducing the risk of vulnerabilities that can affect user data and experience.
2
Regularly rebase your WebView on the latest Chromium versions to maintain security standards.
Keeping your WebView updated with the latest Chromium patches is crucial for protecting users from security exploits and ensuring compliance with industry best practices.
3
Utilize GPU processes for rendering in your WebView to improve performance.
By enabling GPU processes, your app can achieve better rendering performance, leading to a smoother user experience, especially for graphics-intensive applications.

Common Pitfalls

1
Failing to update the System WebView can lead to app crashes and security vulnerabilities.
Many users do not update their WebView, which can expose them to security risks. By implementing a custom WebView, developers can ensure that updates are bundled with app updates, reducing the likelihood of such issues.