Extraneous Functionality¶ JavaScript Enable in a Webview¶ The mobile application has enabled JavaScript in WebView. By default, JavaScript is disabled in WebView, if enabled it can bring various JS-related security issues, such as Cross-Site Scripting (XSS) attacks. Example of insecure code: WebSettings settings = webView.getSettings(); settings.setJavaScriptEnabled(true); Was this page helpful? Thanks for your feedback! Thanks for your feedback! Help us improve this page by using our feedback form.