Overview
Enterprise Browser offers numerous security features implemented in various ways and through different interfaces. Below is a summary of EB security features with links to the relevant documentation for each.
Basic/Digest Authentication
Enterprise Browser supports pages that are password-protected with basic and digest authentication. The tags for this feature are located in the <authentication> node of the EB app's config.xml
file.
Client and Server Certificates
Enterprise Browser supports access to web sites that are protected with client- or server-side certificates. This is documented in the <Certificates guide>.
Compliance with TLS 1.2, SSL3
Enterprise Browser supports Secure Sockets Layer (SSL) and the newer Transport Layer Security (TLS) protocols, detailed in the EB Compliance Guide.
Device Lock-down
When tight control over device settings and/or apps is required, Enterprise Browser 1.6 and higher integrates with Enterprise Home Screen, Zebra's free Android device lock-down solution.
See the Enterprise Browser Device Lock-down Guide for complete instructions.
Also see Kiosk Mode Enhancements, below.
Security Config Tags
The following security features can be implemented in an app's config.xml
file.
Web Security Features
- <ApplicationCacheEnabled> - allows an HTML5 app to be stored locally for added security, off-line operation, improved speed and reduced server load.
- <ApplicationCacheOnExit> - erases a cached HTML5 app upon exiting it.
- <SetCacheMode> - controls rules for loading pages from cache vs. loading from the server.
- <DeleteCacheOnExit> - erases cached data upon exiting.
- <DomStorageEnabled> - controls whether application data is stored locally using HTML5 Web Storage.
- <DatabaseEnabled> - controls whether to enable the WebSQL database.
- <GeoLocationEnabled> - controls whether location data from device sensors can be consumed by the EB app.
- <JavascriptEnabled> - permits JavaScript code execution within an EB app to be toggled on and off.
- <SaveFormData> - determines whether an app will retain data entered by a user into forms, checkboxes and other input elements.
- <BlockNetworkImage> - prevents the app from loading images over a network while allowing non-image resources to load.
- <BlockNetworkLoads> - prevents the app from loading all network resources, including images.
- <ClearWebData> - determines whether WebView data stored by the EB app will be retained when app returns to the foreground after the device HOME key is pressed.
- <NavigateToHomePage> - causes an EB app to display its Start Page when the app returns to the foreground.
- <MixedContentMode> - security feature that can prevent loading of content from insecure sites.
- <WebFilteringEnabled> - controls whether web sites will be filtered by the addresses specified in the related tags (below).
- <WhiteListingUrls> - explicitly allows one or more websites to be visited by an app.
- <BlackListingUrls> - explicitly blocks one or more websites.
- <DeleteCookiesOnExit> - automatically erases cookies stored by Enterprise Browser when exiting.
- <ExitPasswordEnabled> tag - forces the app to require a password to exit.
Kiosk Mode Enhancements
The following tags work only on devices running Android Lollipop (and higher). These features are intended to enhance Kiosk Mode, a Lollipop feature that restricts device usage to a single app. The tags also work independently.
- <setHomeKeyDisable> - prevents the HOME key (or capacitive button) on the device from exiting the current app.
- <setStatusBarDisable> - prevents the status bar from being displayed (either automatically or by dragging down from the top of the screen).
- <setBackKeyDisable> - disables the BACK key (or capacitive button), which could otherwise exit the current app and invoke the previously active app or Launcher screen.
- <setVolumeButonDisable> - prevents the user from controlling the speaker volume using device hardware keys.
- <setRecentAppDisable> - prevents display of the Recent Apps list, which could otherwise allow the user exit the current app by selecting an app from the "recents" list.
Settings Lock-out
An EB app can prevent a user from accessing the Settings panel on a device by using the <SettingsPageProtectionEnabled> tag in the EB app's config.xml
file
Related guides: