Introduction to WebView Boundaries and Compatibility.


imToken WebView uses the browser kernel that comes with the user's mobile device by default, we do not modify, hack or replace the kernel with any other open-source kernel. The behavior of parsing and rendering Web pages within the WebView is always consistent with the user's mobile device.

The default kernel for iOS is WKWebView and for Android is chromium (>4.4) / Android WebKit (<4.4). (the kernel on the Android platform may also depend on the user's system)

Consistent behavior of fonts, icons, and other resources with the default browser.


imToken WebView does not sniff, hijack, or alter any internal Web pages. likewise, we do not adopt third-party page content to expand platform compatibility. If you think your web application needs better compatibility or to fix an issue, you will need to change the content on the web and republish it yourself. (for example, add compatibility shims.)


HTTPS is required by default.

If your site lacks an HTTPS certificate, users will receive a security risk alert by default when opening it in imToken WebView. For more information on how to add a HTTPS certificate to your site, please refer to this Document.


When your application needs to obtain a user's address (or others), imToken initiates a permission request to the user by default, the success of which depends on the user's actions.

The imToken application does not inject any user-related content into the WebView.

In the Android platform, if your app is using target="_blank" or any action with similar behavior (e.g., the page will be opened externally using the system default browser. This is to avoid possible XSS vulnerabilities in the Android platform.

If you don't want the link to open in the user's system browser after clicking it, you should avoid using target="_blank".


Blob Protocol

The current imToken application does not support downloading or saving data using the blob protocol on the Android platform.

Cyclic Object Parse

The imToken WebView will not help you with additional processing of cyclic object parsing, if the Web page contains circular references, WebView will simply throw an error.

You can refer to the MDN Documentation to solve issues.