I'm building android app via React Native. We're using package, which I assume wraps native WebView component.
The problem that in the end we get a file in data/data/com.myapp/app_webview/Default/Cookies
which contain sensitive information - unencrypted cookies (we were flagged by our security team), that any malicious person can extract easily using adb shell if he steals a device.
I already tried to disable cache for webview and use incognito mode:
cacheEnabled={false}
cacheMode={'LOAD_NO_CACHE'}
thirdPartyCookiesEnabled={false}
incognito={true}
and clear cookies via CookieManager:
await CookieManager.clearAll();
await CookieManager.removeSessionCookies();
but no luck.
