Certain platforms and environments β especially mobile WebViews and in-app browsers β impose limitations on how widgets can be opened, embedded, or interacted with. This affects popups, redirects, storage, iframe loading, and JavaScript behavior.
WebViews often block external links and popups; may force redirect to Safari
Android WebView
More permissive: allows iframes, postMessage, JS
Desktop Browsers
Full feature support: tabs, popups, iframe, storage, SDK
Electron
Behaves like Chromium; allows full control via custom handlers
π¬ Widget Behavior by Integration Method
Method
Web
iOS Web
Android Web
iOS WebView
Android WebView
Electron
Direct link / redirect
β Tab/new tab
β Safari
β Browser
β οΈ Opens Safari
β In-WebView
β Fully works
window.open / popup
β Popup
β οΈ Maybe
β Works
β Blocked
β οΈ Unreliable
β Works
iframe
β Full
β Safari
β Supported
β Often blocked
β Mostly works
β Full
iframe + postMessage
β Works
β Works
β Works
β οΈ May need whitelisting
β Supported
β Full
Web SDK (script injection)
β Supported
β Works
β Works
β οΈ Depends on permissions
β Mostly works
β Full
WebView load (URL)
β N/A
β N/A
β N/A
β Needs gesture
β Direct load
β Loads URL
Electron browser window
β Browser
β Works
β Works
β N/A
β N/A
β Native
Deep link β WebView
β Desktop only
β οΈ May fallback
β In-app
β Needs whitelist
β Intent support
β Emulated
π‘οΈ Security & UX Caveats
Environment
Limitation
iOS WebView
External links often open in Safari, not inside app
WebView (iOS & Android)
May block popups, 3rd-party cookies, JS storage
iframe
CSP + X-Frame-Options must be properly configured
Electron
Can disable popups, node integration, file access for security
Popup windows
May be blocked unless triggered by user gesture (esp. on iOS)
π± In-App / Embedded Browser Notes
Apps like Telegram, Instagram, TikTok, Twitter/X, and email clients often open links in custom embedded WebViews (not Safari or Chrome). These may block standard browser features.
App / Platform
Engine
Behavior Summary
Telegram (iOS)
WKWebView
Forces external links to Safari
Telegram (Android)
Android WebView
More flexible; stays in-app unless forced out
Instagram/Facebook
Custom WebView
Blocks some JS, storage, cookies, intercepts navigation
TikTok
Restricted WebView
Most popups/scripts blocked, may break postMessage
Twitter/X
In-app browser
Limits popups and iframe behavior
Email Clients
Varies
May sandbox JS, break session persistence
β οΈ Known Behavioral Issues
β window.open() blocked in some WebViews
β Limited iframe or JS support in in-app browsers
π Redirects may be forced to open in Safari/Chrome
πͺ Third-party cookies often blocked
π§ Keyboard/focus bugs in mobile embeds
π’ Slow load or degraded UX in outdated WebViews
β Recommendations
If the widget is opened in...
We recommend...
Website (desktop/mobile)
Use direct link, iframe, or Web SDK
Mobile App (Android)
Load via WebView or iframe; allow JS + postMessage
Mobile App (iOS)
Use WebView with a fallback to Safari if needed
Telegram / WhatsApp / iOS App
Open in external Safari; donβt rely on embedding
Electron App
Load in BrowserWindow, enable postMessage
Unknown WebView
Detect with navigator.userAgent and offer a fallback (e.g., open in browser)
π§ Best Practices
Provide an "Open in browser" fallback button
Use a responsive layout β some in-app browsers mishandle the viewport
Avoid relying on window.open, popups, and non-persistent storage
Provide a direct-link fallback version of the widget
