Digital Markets Act - Interventions - In-App Browsers
Version 1.2
4.1.7. Amnesia - Session State, Autofill etc not shared
Adrian’s Holovaty sums up the issues in his article:
If a native app opens a third-party website in a WebView, that third-party site will
begin a new session, without existing cookies. It’s effectively like using a web
browser’s private (aka “incognito”) mode.
This means: If you’re logged into a website in your phone’s browser, but you click a
link to that site from a native app’s WebView, your logged-in state will not be
honored. You’ll need to log in all over again.
At best, this is irritating. At worst, it gives people the false impression that the
website is broken or logged them out.
*[[
It is wort h noting that state is no longer shared between Safari and
SFSafariViewController since iOS 11, we cover this in this section.]]
A specific example is Soundslice’s Instagram account, where we highlight stuff
people have created on our platform. If you see something on our Instagram and
want to add it to a practice list in your Soundslice account, you quickly run into
friction when opening the link within the Instagram app. Even if you’re logged into
Soundslice in your phone’s browser, the Instagram app doesn’t honor your
Soundslice login.
Instagram is a particularly heinous example, because it doesn’t even let you add a
link to a post. If you enter a URL in an Instagram post, it will not turn into a
clickable link. Only one link, the one in your channel bio, is clickable. An entire
cottage industry has formed around this “link in bio” madness.]
Yes, you can copy-and-paste the URL (if the WebView displays it), or you can
choose an “Open in web browser” option (if the WebView provides it). But either
case requires nontrivial technical sophistication. Most users would just say “Aw,
man, I’ve somehow been logged out of Soundslice” and assign the blame to us.
Proponents of native apps would likely argue “But it’s a better user experience from
the perspective of the native app! Because the user doesn’t have to context-switch
into a different environment, aka the web browser.” There was indeed a time when
this argument made sense: the years before 2015, which is when iOS 9
introduced a global Back button conveniently solving the problem. And of course
Android has its global Back button. These days this argument holds no water.
Proponents of native apps would also likely say: “If you had your own native app,
this problem would be solved, because you can register a link handler that will