Is the android CustomTab API compatible with users privacy?

pserwylo · July 7, 2025, 10:24am

I’m interested in opinions on whether using Custom Tabs (which in turn use Google’s Safe Browsing) are compatible with maintaining users privacy.

I am the author of the Lexica app. It is a word game, and when a user taps a button to define a word, I use an Intent to open the users browser to, e.g. wiktionary or other services to view the definition.

I have a PR from a community member adding support for using CustomTabs to open the browser from within the app.

Sounds good to me, but I can see that “Custom Tabs use Google’s Safe Browsing to protect the user…”. I got a bit lost reading about different browser implementations. Firefox seems to regularly update its list of bad pages from Google, rather than proactively send each URL to Google, which I guess is good - good in the sense that using Custom Tabs for firefox users would not be sending URLs visited to Google without their consent. However there does seem to be edge cases where Firefox or others will send a hash of the URL to the safe browsing API to verify it is still on the list.

Does anyone have any thoughts / experience / opinions on this matter?

Licaon_Kter · July 7, 2025, 11:11am

see how maps/app/src/main/java/us/spotco/maps/MainActivity.java at master · woheller69/maps · GitHub is trying to harden it too

@SkewedZeppelin right?

SkewedZeppelin · July 7, 2025, 12:27pm

The CustomTab API is inherently fine and as noted allows the user to use a non-Chrome browser for viewing if that is their default. It also has the benefit that extensions work in them too afair, so if the user has uBlock Origin they get that benefit.

Regarding Safe Browsing:

in the WebView: works if GMS is available and SB is allowed in Play settings
in Chromium browsers: works if GMS is available OR if Enhanced mode is enabled
in Firefox browsers: works without GMS if an API key is available. Firefox, IronFox, Iceraven work. Fennec does not.

If you do use the WebView, you should set the telemetry opt-out manifest flag:
<meta-data android:name="android.webkit.WebView.MetricsOptOut" android:value="true" />

For this usecase of opening a link for a word, CustomTabs sounds like the best approach.