How to prevent H5 embedded in mobile APP from opening external chain?

The embedded page of APP can be captured to get the link and then opened in the browser, so there will be a problem with security. Related to the user’s personal information disclosure, theft and a series of problems.

At first, the back end asked me to append fields to user-Agent in the interface RequestHeaders

Originally, I found the browser logo and felt something was wrong. I tried to modify the User-agent, but it took a long time to add it. It’s not very fun, it’s not very compatible, it’s not very compliant. The User Agent field of the browser is confusing. For example, when a certain version of Chrome accesses the network, the User Agent field is as follows:

Mozilla / 5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.29 Safari/537.36

• Mozilla/5.0: netscape’s browser logo. In the early days of the Internet, the browser market was dominated by Netscape, and many servers were set up to only respond to requests from browsers with the Mozilla logo, so newer browsers had to add this field to break into the market.
• Windows NT 6.3: Windows 8.1 identifier
• WOW64:32-bit Windows running on 64-bit processors
• AppleWebKit/537.36: A rendering engine developed by Apple
• KHTML: KHTML is the rendering engine for Konqueror browser on Linux
• Geckeo: Rendering engine
• Like Gecko: indicates that it behaves like the Gecko browser engine

After trying several methods and finding nothing useful, I decided to find another way. If the browser has a logo, the phone must have one, too.

Mountains and rivers doubt no way, and a village.

Asked the next Android and IOS, after all, they are native, and sure enough they native provide this method! NICE!!!

This is easy to do, directly on the talent!! And the mobile terminal agreement under the identification is OK

    // Determine by the UA identifier
    var userAgent_app = navigator.userAgent.toLowerCase();// Get the UA information
    var isApp;
    // console.log(userAgent_app)
    if (userAgent_app.indexOf("faceying") != -1) {// Check whether ua contains the identifier agreed with the APP end
        isApp = true // client call
    }else{
        isApp = false // client call
    }
    if (isApp) {
        $('#app').css('display'.'block');
        // $('#noapp').css('display','none');
    } else {
        // console.log(userAgent_app)
        $('#app').css('display'.'none');
        // $('#noapp').css('display','block');
        let nav = getNav();
        if (nav == 'IOS') {
            // Jump to the App Store
            location.href = 'https://itunes.apple.com/cn/app/id1399525115?mt=8';
        } else if (nav == 'Android') {
            // Jump to app Treasure
            location.href = 'https://a.app.qq.com/o/simple.jsp?pkgname=com.kaixun.faceshadow';
        } else if (nav == 'mac' || 'Windows') {
            location.href = 'https://a.app.qq.com/o/simple.jsp?pkgname=com.kaixun.faceshadow'; }}// Determine where to open Android or ios
    function getNav() {
        let u = navigator.userAgent;
            // app = navigator.appVersion;
        // console.log(navigator.userAgent)
        let isAndroid = u.indexOf('Android') > -1 || u.indexOf('Linux') > -1 //g
        letisIOS = !! u.match(/\(i[^;] +; ( U;) ? CPU.+Mac OS X/) / / ios terminal
        let mac = u.indexOf('Mac')
        let win = u.indexOf('Windows')
        if (isAndroid) {
            return 'Android'
        }
        if (isIOS) {
            return 'IOS'
        }
        if (mac > -1) {
            return 'mac'
        }
        if (win > -1) {
            return 'Windows'}}Copy the code