npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@capgo/inappbrowser

v8.6.2

Published

Capacitor plugin in app browser

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

riderxriderx

Keywords

capacitorpluginbrowsernative

Readme

@capgo/inappbrowser

Capacitor plugin in app browser with urlChangeEvent, two way communication, camera and microphone usage, etc.

Why InAppBrowser?

The official Capacitor Browser plugin has strict security limitations that prevent advanced features. InAppBrowser removes these restrictions, enabling:

  • Two-way communication between your app and the browser
  • JavaScript injection for dynamic content manipulation
  • Camera and microphone access within the browser context
  • URL change monitoring for navigation tracking
  • Custom toolbars and UI for branded experiences
  • Cookie and cache management for session control
  • Custom sizes for extra control of the display position

Perfect for OAuth flows, embedded web apps, video calls, and any scenario requiring deep integration with web content.

Documentation

The most complete doc is available here: https://capgo.app/docs/plugins/inappbrowser/

Compatibility

| Plugin version | Capacitor compatibility | Maintained | | -------------- | ----------------------- | ---------- | | v8.*.* | v8.*.* | ✅ | | v7.*.* | v7.*.* | On demand | | v6.*.* | v6.*.* | ❌ | | v5.*.* | v5.*.* | ❌ |

Note: The major version of this plugin follows the major version of Capacitor. Use the version that matches your Capacitor installation (e.g., plugin v8 for Capacitor 8). Only the latest major version is actively maintained.

Install

npm install @capgo/inappbrowser
npx cap sync

Usage

import { InAppBrowser } from '@capgo/inappbrowser';

InAppBrowser.open({ url: 'YOUR_URL' });

Customize Chrome Custom Tab Appearance (Android)

The open() method launches a Chrome Custom Tab on Android. You can customize its appearance to blend with your app:

import { InAppBrowser } from '@capgo/inappbrowser';

InAppBrowser.open({
  url: 'https://example.com',
  toolbarColor: '#1A1A2E', // Match your app's theme
  showTitle: true, // Show page title instead of raw URL
  showArrow: true, // Back arrow instead of X close icon
  urlBarHidingEnabled: true, // Auto-hide URL bar on scroll
  disableShare: true, // Remove share from overflow menu
  disableBookmark: true, // Hide bookmark icon (undocumented, may break)
  disableDownload: true, // Hide download icon (undocumented, may break)
});

All CCT options are Android-only and safely ignored on iOS. See OpenOptions for full documentation.

Open WebView with Custom Dimensions

By default, the webview opens in fullscreen. You can set custom dimensions to control the size and position:

import { InAppBrowser } from '@capgo/inappbrowser';

// Open with custom dimensions (400x600 at position 50,100)
const { id } = await InAppBrowser.openWebView({
  url: 'YOUR_URL',
  width: 400,
  height: 600,
  x: 50,
  y: 100,
});

// Update dimensions at runtime
InAppBrowser.updateDimensions({
  id, // Optional, if omitted targets the active webview
  width: 500,
  height: 700,
  x: 100,
  y: 150,
});

Touch Passthrough: When custom dimensions are set (not fullscreen), touches outside the webview bounds will pass through to the underlying Capacitor webview, allowing the user to interact with your app in the exposed areas. This enables picture-in-picture style experiences where the InAppBrowser floats above your content.

Open WebView with Safe Margin

To create a webView with a 20px bottom margin (safe margin area outside the browser):

import { InAppBrowser } from '@capgo/inappbrowser';

InAppBrowser.openWebView({
  url: 'YOUR_URL',
  enabledSafeBottomMargin: true,
});

Web platform is not supported. Use window.open instead.

Open WebView in Full Screen Mode

To open the webview in true full screen mode (content extends behind the status bar), set enabledSafeTopMargin to false:

import { InAppBrowser } from '@capgo/inappbrowser';

InAppBrowser.openWebView({
  url: 'YOUR_URL',
  enabledSafeTopMargin: false, // Disables safe area at top, allows full screen
});

This option works independently of the toolbar type:

  • iOS: The webview extends behind the status bar, providing true edge-to-edge content
  • Android: The top margin is disabled, allowing content to fill the entire screen

Perfect for immersive experiences like video players, games, or full-screen web applications. Can be combined with any toolbarType setting.

Proxy examples

[!IMPORTANT] Proxy handling changed substantially in 8.6.0. If you already rely on the older proxy flow, treat this as a breaking migration and retest your handlers before shipping. Existing proxy handlers are not assumed to be drop-in compatible just because the API name stayed the same.

  • Native-first matching now uses outboundProxyRules and inboundProxyRules.
  • JavaScript proxy handlers now receive a phase (outbound or inbound).
  • If you respond manually with handleProxyRequest(...), pass the same phase back to native.
  • Late replies without the original phase can now be ignored instead of mutating the wrong request stage.
  • proxyRequests: true and proxyRequests: "<regex>" remain legacy compatibility modes. Do not mix legacy mode with the new rule-based flow without retesting.
  • Existing proxy listeners that only key on URL/method and do not preserve phase are not drop-in compatible with the new flow.

Block one request natively

Use a native rule when you just want to stop a request without round-tripping through JavaScript:

import { InAppBrowser } from '@capgo/inappbrowser';

await InAppBrowser.openWebView({
  url: 'https://example.com',
  outboundProxyRules: [
    {
      urlRegex: '^https://www\\.google-analytics\\.com/.*',
      action: 'cancel',
    },
  ],
});

Stub one script from JavaScript

Use delegateToJs when you want native matching, but still want JavaScript to replace the response:

import { InAppBrowser, addProxyHandler } from '@capgo/inappbrowser';

const proxyHandle = await addProxyHandler(async (request) => {
  if (request.phase === 'inbound' && request.url.includes('connect.facebook.net')) {
    return new Response('window.FB = { init: () => {}, login: () => {}, getLoginStatus: () => {} };', {
      status: 200,
      headers: {
        'Content-Type': 'application/javascript; charset=utf-8',
      },
    });
  }

  return null;
});

await InAppBrowser.openWebView({
  url: 'https://www.grailed.com/users/sign_up',
  inboundProxyRules: [
    {
      urlRegex: '^https://connect\\.facebook\\.net/.*',
      action: 'delegateToJs',
    },
  ],
});

// Later, when you are done:
await proxyHandle.remove();

Rewrite an outbound API request in JavaScript

When a request must be modified before it leaves the webview, return a request override:

import { InAppBrowser, addProxyHandler } from '@capgo/inappbrowser';

const proxyHandle = await addProxyHandler(async (request) => {
  if (request.phase === 'outbound' && request.url.includes('/api/private')) {
    return {
      request: {
        url: request.url,
        headers: {
          ...request.headers,
          Authorization: 'Bearer MY_TOKEN',
          'X-Proxy-Debug': 'enabled',
        },
      },
    };
  }

  return null;
});

await InAppBrowser.openWebView({
  url: 'https://example.com/dashboard',
  outboundProxyRules: [
    {
      urlRegex: '^https://example\\.com/api/private.*',
      action: 'delegateToJs',
    },
  ],
});

// Later, when you are done:
await proxyHandle.remove();

Test app and code:

https://github.com/Cap-go/demo-app/blob/main/src/views/plugins/Web.vue

Camera usage

Android

Add the following to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.CAMERA" />
		<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />
		<uses-permission android:name="android.permission.RECORD_AUDIO"/>

Then the permission will be asked when the camera is used.

iOS

Add the following to your Info.plist file:

<key>NSCameraUsageDescription</key>
<string>We need access to the camera to record audio.</string>

Microphone usage

Android

Add the following to your AndroidManifest.xml file:

<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />

Then the permission will be asked when the microphone is used.

iOS

Add the following to your Info.plist file:

<key>NSMicrophoneUsageDescription</key>
<string>We need access to the microphone to record audio.</string>

Location usage

Android

Add the following to your AndroidManifest.xml file:

<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />

Then the permission will be asked when location is requested by a website in the webview.

iOS

Add the following to your Info.plist file:

<key>NSLocationWhenInUseUsageDescription</key>
<string>We need access to your location to provide location-based services.</string>

Two way communication

With this plugin you can send events from the main app to the inappbrowser and vice versa.

The data is sent as a JSON object, so no functions or other non-JSON-serializable types are allowed.

Main app to inappbrowser, detail object is mendatory

const { id } = await InAppBrowser.openWebView({ url: 'YOUR_URL' });
InAppBrowser.postMessage({ id, detail: { message: 'myMessage' } });
// Or broadcast to all open webviews
InAppBrowser.postMessage({ detail: { message: 'broadcast' } });

Receive event from native in the inappbrowser

window.addEventListener('messageFromNative', (event) => {
  console.log(event);
});

Send event from inappbrowser to main app, detail object is mendatory

window.mobileApp.postMessage({ detail: { message: 'myMessage' } });

Receive event from inappbrowser in the main app

InAppBrowser.addListener('messageFromWebview', (event) => {
  console.log(event.id, event.detail);
});

Close inappbrowser from inappbrowser itself

window.mobileApp.close();

Google Pay (Android)

To enable Google Pay inside the in-app browser on Android you must do all three of the following:

1. Enable the option when opening the browser

Pass enableGooglePaySupport: true in your openWebView call:

InAppBrowser.openWebView({
  url: 'https://your-checkout-page.example.com',
  enableGooglePaySupport: true,
});

2. Add Payment Request intent queries to your AndroidManifest.xml

Android 11+ enforces Package Visibility. Without these entries the WebView cannot discover Google Pay and the payment sheet will never appear.

Add the following inside the <manifest> tag of your app's AndroidManifest.xml (typically android/app/src/main/AndroidManifest.xml):

<queries>
  <!-- Required for Google Pay / Payment Request API in WebView -->
  <intent>
    <action android:name="org.chromium.intent.action.PAY" />
  </intent>
  <intent>
    <action android:name="org.chromium.intent.action.IS_READY_TO_PAY" />
  </intent>
  <intent>
    <action android:name="org.chromium.intent.action.UPDATE_PAYMENT_DETAILS" />
  </intent>
</queries>

3. Require WebView 120 or later

The W3C Payment Request API (used by Google Pay) requires Android WebView 120+. Devices running an older WebView version will not be able to complete Google Pay transactions. Most modern Android devices already meet this requirement.

API

goBack(...)

goBack(options?: { id?: string | undefined; } | undefined) => Promise<{ canGoBack: boolean; }>

Navigates back in the WebView's history if possible

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Returns: Promise<{ canGoBack: boolean; }>

Since: 7.21.0

open(...)

open(options: OpenOptions) => Promise<any>

Open url in a new window fullscreen, on android it use chrome custom tabs, on ios it use SFSafariViewController

| Param | Type | | ------------- | --------------------------------------------------- | | options | OpenOptions |

Returns: Promise<any>

Since: 0.1.0

clearCookies(...)

clearCookies(options: ClearCookieOptions) => Promise<any>

Clear cookies of url When id is omitted, applies to all open webviews.

| Param | Type | | ------------- | ----------------------------------------------------------------- | | options | ClearCookieOptions |

Returns: Promise<any>

Since: 0.5.0

clearAllCookies(...)

clearAllCookies(options?: { id?: string | undefined; } | undefined) => Promise<any>

Clear all cookies When id is omitted, applies to all open webviews.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Returns: Promise<any>

Since: 6.5.0

clearCache(...)

clearCache(options?: { id?: string | undefined; } | undefined) => Promise<any>

Clear cache When id is omitted, applies to all open webviews.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Returns: Promise<any>

Since: 6.5.0

getCookies(...)

getCookies(options: GetCookieOptions) => Promise<Record<string, string>>

Get cookies for a specific URL.

| Param | Type | Description | | ------------- | ------------------------------------------------------------- | -------------------------------------------------- | | options | GetCookieOptions | The options, including the URL to get cookies for. |

Returns: Promise<Record<string, string>>

close(...)

close(options?: CloseWebviewOptions | undefined) => Promise<any>

Close the webview. When id is omitted, closes the active webview.

| Param | Type | | ------------- | ------------------------------------------------------------------- | | options | CloseWebviewOptions |

Returns: Promise<any>

hide(...)

hide(options?: { id?: string | undefined; } | undefined) => Promise<void>

Hide the webview without closing it. Use show() to bring it back. When id is omitted, targets the active webview.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Since: 8.0.8

show(...)

show(options?: { id?: string | undefined; } | undefined) => Promise<void>

Show a previously hidden webview. When id is omitted, targets the active webview.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Since: 8.0.8

openWebView(...)

openWebView(options: OpenWebViewOptions) => Promise<{ id: string; }>

Open url in a new webview with toolbars, and enhanced capabilities, like camera access, file access, listen events, inject javascript, bi directional communication, etc.

JavaScript Interface: When you open a webview with this method, a JavaScript interface is automatically injected that provides:

  • window.mobileApp.close(): Closes the webview from JavaScript
  • window.mobileApp.postMessage({detail: {message: "myMessage"}}): Sends a message from the webview to the app, detail object is the data you want to send to the webview
  • window.mobileApp.takeScreenshot() when allowScreenshotsFromWebPage is true

Promise timing differs by platform when isPresentAfterPageLoad is used. Android resolves with { id } after the dialog is ready to control, while iOS resolves with { id } immediately after creating the native webview.

| Param | Type | | ------------- | ----------------------------------------------------------------- | | options | OpenWebViewOptions |

Returns: Promise<{ id: string; }>

Since: 0.1.0

executeScript(...)

executeScript(options: { code: string; id?: string; }) => Promise<void>

Injects JavaScript code into the InAppBrowser window. When id is omitted, executes in all open webviews.

| Param | Type | | ------------- | ------------------------------------------- | | options | { code: string; id?: string; } |

postMessage(...)

postMessage(options: { detail: Record<string, any>; id?: string; }) => Promise<void>

Sends an event to the webview(inappbrowser). you can listen to this event in the inappbrowser JS with window.addEventListener("messageFromNative", listenerFunc: (event: Record<string, any>) => void) detail is the data you want to send to the webview, it's a requirement of Capacitor we cannot send direct objects Your object has to be serializable to JSON, so no functions or other non-JSON-serializable types are allowed. When id is omitted, broadcasts to all open webviews.

| Param | Type | | ------------- | -------------------------------------------------------------------------------------- | | options | { detail: Record<string, any>; id?: string; } |

takeScreenshot(...)

takeScreenshot(options?: { id?: string | undefined; } | undefined) => Promise<ScreenshotResult>

Captures the current webview viewport as a PNG screenshot. When id is omitted, targets the active webview.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Returns: Promise<ScreenshotResult>

setUrl(...)

setUrl(options: { url: string; id?: string; }) => Promise<any>

Sets the URL of the webview. When id is omitted, targets the active webview.

| Param | Type | | ------------- | ------------------------------------------ | | options | { url: string; id?: string; } |

Returns: Promise<any>

addListener('urlChangeEvent', ...)

addListener(eventName: 'urlChangeEvent', listenerFunc: UrlChangeListener) => Promise<PluginListenerHandle>

Listen for url change, only for openWebView

| Param | Type | | ------------------ | --------------------------------------------------------------- | | eventName | 'urlChangeEvent' | | listenerFunc | UrlChangeListener |

Returns: Promise<PluginListenerHandle>

Since: 0.0.1

addListener('buttonNearDoneClick', ...)

addListener(eventName: 'buttonNearDoneClick', listenerFunc: ButtonNearListener) => Promise<PluginListenerHandle>

| Param | Type | | ------------------ | ----------------------------------------------------------------- | | eventName | 'buttonNearDoneClick' | | listenerFunc | ButtonNearListener |

Returns: Promise<PluginListenerHandle>

addListener('closeEvent', ...)

addListener(eventName: 'closeEvent', listenerFunc: UrlChangeListener) => Promise<PluginListenerHandle>

Listen for close click only for openWebView

| Param | Type | | ------------------ | --------------------------------------------------------------- | | eventName | 'closeEvent' | | listenerFunc | UrlChangeListener |

Returns: Promise<PluginListenerHandle>

Since: 0.4.0

addListener('confirmBtnClicked', ...)

addListener(eventName: 'confirmBtnClicked', listenerFunc: ConfirmBtnListener) => Promise<PluginListenerHandle>

Will be triggered when user clicks on confirm button when disclaimer is required, works with openWebView shareDisclaimer and closeModal

| Param | Type | | ------------------ | ----------------------------------------------------------------- | | eventName | 'confirmBtnClicked' | | listenerFunc | ConfirmBtnListener |

Returns: Promise<PluginListenerHandle>

Since: 0.0.1

addListener('messageFromWebview', ...)

addListener(eventName: 'messageFromWebview', listenerFunc: (event: { id?: string; detail?: Record<string, any>; rawMessage?: string; }) => void) => Promise<PluginListenerHandle>

Will be triggered when event is sent from webview(inappbrowser), to send an event to the main app use window.mobileApp.postMessage({ "detail": { "message": "myMessage" } }) detail is the data you want to send to the main app, it's a requirement of Capacitor we cannot send direct objects Your object has to be serializable to JSON, no functions or other non-JSON-serializable types are allowed.

This method is inject at runtime in the webview

| Param | Type | | ------------------ | -------------------------------------------------------------------------------------------------------------------------------- | | eventName | 'messageFromWebview' | | listenerFunc | (event: { id?: string; detail?: Record<string, any>; rawMessage?: string; }) => void |

Returns: Promise<PluginListenerHandle>

addListener('screenshotTaken', ...)

addListener(eventName: 'screenshotTaken', listenerFunc: (event: ScreenshotResult & { id?: string; }) => void) => Promise<PluginListenerHandle>

Will be triggered whenever a screenshot is captured from the plugin API, the native screenshot button, or the injected JavaScript bridge.

| Param | Type | | ------------------ | ---------------------------------------------------------------------------------------------------- | | eventName | 'screenshotTaken' | | listenerFunc | (event: ScreenshotResult & { id?: string; }) => void |

Returns: Promise<PluginListenerHandle>

addListener('browserPageLoaded', ...)

addListener(eventName: 'browserPageLoaded', listenerFunc: (event: { id?: string; }) => void) => Promise<PluginListenerHandle>

Will be triggered when page is loaded

| Param | Type | | ------------------ | ------------------------------------------------- | | eventName | 'browserPageLoaded' | | listenerFunc | (event: { id?: string; }) => void |

Returns: Promise<PluginListenerHandle>

addListener('pageLoadError', ...)

addListener(eventName: 'pageLoadError', listenerFunc: (event: { id?: string; }) => void) => Promise<PluginListenerHandle>

Will be triggered when page load error

| Param | Type | | ------------------ | ------------------------------------------------- | | eventName | 'pageLoadError' | | listenerFunc | (event: { id?: string; }) => void |

Returns: Promise<PluginListenerHandle>

addListener('downloadCompleted', ...)

addListener(eventName: 'downloadCompleted', listenerFunc: (event: DownloadCompletedEvent) => void) => Promise<PluginListenerHandle>

Will be triggered after native download handling saves a file locally. Enable this with handleDownloads: true when opening the webview.

| Param | Type | | ------------------ | --------------------------------------------------------------------------------------------- | | eventName | 'downloadCompleted' | | listenerFunc | (event: DownloadCompletedEvent) => void |

Returns: Promise<PluginListenerHandle>

Since: 8.6.0

addListener('downloadFailed', ...)

addListener(eventName: 'downloadFailed', listenerFunc: (event: DownloadFailedEvent) => void) => Promise<PluginListenerHandle>

Will be triggered when native download handling fails. Enable this with handleDownloads: true when opening the webview.

| Param | Type | | ------------------ | --------------------------------------------------------------------------------------- | | eventName | 'downloadFailed' | | listenerFunc | (event: DownloadFailedEvent) => void |

Returns: Promise<PluginListenerHandle>

Since: 8.6.0

addListener('popupWindowOpened', ...)

addListener(eventName: 'popupWindowOpened', listenerFunc: (event: PopupWindowEvent) => void) => Promise<PluginListenerHandle>

Will be triggered whenever a page opens a popup/new window. Use the returned popup id with executeScript, postMessage, show, hide, and close.

| Param | Type | | ------------------ | --------------------------------------------------------------------------------- | | eventName | 'popupWindowOpened' | | listenerFunc | (event: PopupWindowEvent) => void |

Returns: Promise<PluginListenerHandle>

Since: 8.6.0

addListener('proxyRequest', ...)

addListener(eventName: 'proxyRequest', listenerFunc: (event: ProxyRequest) => void) => Promise<PluginListenerHandle>

Listen for proxied requests delegated by the native runtime. Prefer addProxyHandler() instead of calling this directly.

| Param | Type | | ------------------ | ------------------------------------------------------------------------- | | eventName | 'proxyRequest' | | listenerFunc | (event: ProxyRequest) => void |

Returns: Promise<PluginListenerHandle>

Since: 8.6.0

addListener('consoleMessage', ...)

addListener(eventName: 'consoleMessage', listenerFunc: (event: ConsoleMessageEvent) => void) => Promise<PluginListenerHandle>

Listen for JavaScript console output emitted by the managed page. Enable this with captureConsoleLogs: true when opening the webview.

| Param | Type | | ------------------ | --------------------------------------------------------------------------------------- | | eventName | 'consoleMessage' | | listenerFunc | (event: ConsoleMessageEvent) => void |

Returns: Promise<PluginListenerHandle>

Since: 8.6.0

handleProxyRequest(...)

handleProxyRequest(options: { requestId: string; decision?: ProxyDecision | null; response?: ProxyResponse | null; webviewId?: string; phase?: 'outbound' | 'inbound'; }) => Promise<void>

Internal method used by addProxyHandler() to send a proxy decision back to native. Forward the original phase when replying to a manual proxyRequest listener.

| Param | Type | | ------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | options | { requestId: string; decision?: ProxyDecision | null; response?: ProxyResponse | null; webviewId?: string; phase?: 'outbound' | 'inbound'; } |

Since: 8.6.0

removeAllListeners()

removeAllListeners() => Promise<void>

Remove all listeners for this plugin.

Since: 1.0.0

reload(...)

reload(options?: { id?: string | undefined; } | undefined) => Promise<any>

Reload the current web page.

| Param | Type | | ------------- | ----------------------------- | | options | { id?: string; } |

Returns: Promise<any>

Since: 1.0.0

updateDimensions(...)

updateDimensions(options: DimensionOptions & { id?: string; }) => Promise<void>

Update the dimensions of the webview. Allows changing the size and position of the webview at runtime. When id is omitted, targets the active webview.

| Param | Type | Description | | ------------- | -------------------------------------------------------------------------------- | --------------------------------------- | | options | DimensionOptions & { id?: string; } | Dimension options (width, height, x, y) |

setEnabledSafeTopMargin(...)

setEnabledSafeTopMargin(options: { enabled: boolean; id?: string; }) => Promise<void>

Sets the enabled safe top margin of the webview at runtime. When id is omitted, targets the active webview. On Web, this method is a no-op and resolves without changing layout.

| Param | Type | | ------------- | ----------------------------------------------- | | options | { enabled: boolean; id?: string; } |

setEnabledSafeBottomMargin(...)

setEnabledSafeBottomMargin(options: { enabled: boolean; id?: string; }) => Promise<void>

Sets the enabled safe bottom margin of the webview at runtime. When id is omitted, targets the active webview. On Web, this method is a no-op and resolves without changing layout.

| Param | Type | | ------------- | ----------------------------------------------- | | options | { enabled: boolean; id?: string; } |

openSecureWindow(...)

openSecureWindow(options: OpenSecureWindowOptions) => Promise<OpenSecureWindowResponse>

Opens a secured window for OAuth2 authentication. For web, you should have the code in the redirected page to use a broadcast channel to send the redirected url to the app Something like:

&lt;html&gt;
&lt;head&gt;&lt;/head&gt;
&lt;body&gt;
&lt;script&gt;
  const searchParams = new URLSearchParams(location.search)
  if (searchParams.has("code")) {
    new BroadcastChannel("my-channel-name").postMessage(location.href);
    window.close();
  }
&lt;/script&gt;
&lt;/body&gt;
&lt;/html&gt;

For mobile, you should have a redirect uri that opens the app, something like: myapp://oauth_callback/ And make sure to register it in the app's info.plist:

&lt;key&gt;CFBundleURLTypes&lt;/key&gt;
&lt;array&gt;
   &lt;dict&gt;
      &lt;key&gt;CFBundleURLSchemes&lt;/key&gt;
      &lt;array&gt;
         &lt;string&gt;myapp&lt;/string&gt;
      &lt;/array&gt;
   &lt;/dict&gt;
&lt;/array&gt;

And in the AndroidManifest.xml file:

&lt;activity&gt;
   &lt;intent-filter&gt;
      &lt;action android:name="android.intent.action.VIEW" /&gt;
      &lt;category android:name="android.intent.category.DEFAULT" /&gt;
      &lt;category android:name="android.intent.category.BROWSABLE" /&gt;
      &lt;data android:host="oauth_callback" android:scheme="myapp" /&gt;
   &lt;/intent-filter&gt;
&lt;/activity&gt;

| Param | Type | Description | | ------------- | --------------------------------------------------------------------------- | ------------------------------------------- | | options | OpenSecureWindowOptions | - the options for the openSecureWindow call |

Returns: Promise<OpenSecureWindowResponse>

Interfaces

OpenOptions

| Prop | Type | Description | Default | Since | | ---------------------------- | -------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------ | ----- | | url | string | Target URL to load. | | 0.1.0 | | isPresentAfterPageLoad | boolean | if true, the browser will be presented after the page is loaded, if false, the browser will be presented immediately. | | 0.1.0 | | preventDeeplink | boolean | if true the deeplink will not be opened, if false the deeplink will be opened when clicked on the link | | 0.1.0 | | toolbarColor | string | Toolbar background color in hex format (e.g., "#1A1A2E"). Applied to both light and dark color schemes. Also sets the navigation bar color to match. Android only — ignored on iOS. | | 8.2.0 | | urlBarHidingEnabled | boolean | Whether the URL bar should auto-hide when the user scrolls down. The bar reappears on any upward scroll. Android only — ignored on iOS. | false | 8.2.0 | | showTitle | boolean | Show the page's HTML <title> in the toolbar instead of the raw URL. The true URL is still visible when the user taps the title area. Android only — ignored on iOS. | false | 8.2.0 | | showArrow | boolean | Replace the default "X" close icon with a back arrow. Makes the Custom Tab feel like a native navigation push rather than a modal overlay. Android only — ignored on iOS. | false | 8.2.0 | | disableShare | boolean | Remove the share action from the overflow menu. Android only — ignored on iOS. | false | 8.2.0 | | disableBookmark | boolean | Hide the bookmark star icon in the overflow menu. Uses an undocumented Chromium intent extra — may stop working on future Chrome updates. Android only — ignored on iOS. | false | 8.2.0 | | disableDownload | boolean | Hide the download icon in the overflow menu. Uses an undocumented Chromium intent extra — may stop working on future Chrome updates. Android only — ignored on iOS. | false | 8.2.0 |

ClearCookieOptions

| Prop | Type | Description | | --------- | ------------------- | -------------------------------------------------------------- | | id | string | Target webview id. When omitted, applies to all open webviews. | | url | string | |

HttpCookie

| Prop | Type | Description | | ----------- | ------------------- | ------------------------ | | url | string | The URL of the cookie. | | key | string | The key of the cookie. | | value | string | The value of the cookie. |

GetCookieOptions

| Prop | Type | | --------------------- | -------------------- | | url | string | | includeHttpOnly | boolean |

CloseWebviewOptions

| Prop | Type | Description | Default | | ---------------- | -------------------- | ------------------------------------------------------------------ | ----------------- | | id | string | Target webview id to close. If omitted, closes the active webview. | | | isAnimated | boolean | Whether the webview closing is animated or not, ios only | true |

OpenWebViewOptions

| Prop | Type | Description | Default | Since | | -------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | ------ | | url | string | Target URL to load. | | 0.1.0 | | headers | Headers | Headers to send with the request. | | 0.1.0 | | credentials | Credentials | Credentials to send with the request and all subsequent requests for the same host. | | 6.1.0 | | method | string | HTTP method to use for the initial request. Optional parameter - defaults to GET if not specified. Existing code that doesn't provide this parameter will continue to work unchanged with standard GET requests. When specified with 'POST', 'PUT', or 'PATCH' methods that support a body, you can also provide a body parameter with the request payload. Platform Notes: - iOS: Full support for all HTTP methods with headers - Android: Custom headers may not be sent with POST/PUT/PATCH requests due to WebView limitations | "GET" | 8.2.0 | | body | string | HTTP body to send with the request when using POST, PUT, or other methods that support a body. Should be a string (use JSON.stringify for JSON data). Optional parameter - only used when method is specified and supports a request body. Omitting this parameter (or using GET method) results in standard behavior without a request body. | | 8.2.0 | | materialPicker | boolean | materialPicker: if true, uses Material Design theme for date and time pickers on Android. This improves the appearance of HTML date inputs to use modern Material Design UI instead of the old style pickers. | false | 7.4.1 | | jsInterface | | JavaScript Interface: The webview automatically injects a JavaScript interface providing: - window.mobileApp.close(): Closes the webview from JavaScript - window.mobileApp.postMessage(obj): Sends a message to the app (listen via "messageFromWebview" event) - window.mobileApp.hide() / window.mobileApp.show() when allowWebViewJsVisibilityControl is true in CapacitorConfig - window.mobileApp.takeScreenshot() when allowScreenshotsFromWebPage is true | | 6.10.0 | | allowScreenshotsFromWebPage | boolean | Allows page JavaScript to call window.mobileApp.takeScreenshot(). Disabled by default so only the host app can trigger native screenshots through the plugin API. | false | 8.4.0 | | captureConsoleLogs | boolean | Emits consoleMessage events for JavaScript console.* output coming from the managed page. Useful when the webview stays hidden and you still need page-level diagnostics. | false | 8.6.0 | | handleDownloads | boolean | Automatically handles downloads triggered inside the webview without requiring a custom JavaScript bridge. When enabled: - Standard attachment responses are written to a temporary file. - blob: downloads are also captured when the platform supports them. - Previewable files reopen inside the in-app browser when possible. - Other files are handed off to the native preview or viewer flow. - downloadCompleted and downloadFailed events notify the host app about the saved file. | false | 8.6.0 | | shareDisclaimer | DisclaimerOptions | Share options for the webview. When provided, shows a disclaimer dialog before sharing content. This is useful for: - Warning users about sharing sensitive information - Getting user consent before sharing - Explaining what will be shared - Complying with privacy regulations Note: shareSubject is required when using shareDisclaimer | | 0.1.0 | | toolbarType | ToolBarType | Toolbar type determines the appearance and behavior of the browser's toolbar - "activity": Shows a simple toolbar with just a close button and share button - "navigation": Shows a full navigation toolbar with back/forward buttons - "blank": Shows no toolbar - "": Default toolbar with close button | ToolBarType.DEFAULT | 0.1.0 | | shareSubject | string | Subject text for sharing. Required when using shareDisclaimer. This text will be used as the subject line when sharing content. | | 0.1.0 | | title | string | Title of the browser | "New Window" | 0.1.0 | | backgroundColor | BackgroundColor | Background color of the browser | BackgroundColor.BLACK | 0.1.0 | | activeNativeNavigationForWebview | boolean | If true, enables native navigation gestures within the webview. - Android: Native back button navigates within webview history - iOS: Enables swipe left/right gestures for back/forward navigation | false (Android), true (iOS - enabled by default) | | | disableGoBackOnNativeApplication | boolean | Disable the possibility to go back on native application, useful to force user to stay on the webview, Android only | false | | | isPresentAfterPageLoad | boolean | Open url in a new window fullscreen isPresentAfterPageLoad: if true, the browser will be presented after the page is loaded, if false, the browser will be presented immediately. Promise timing: on Android, openWebView() resolves with the webview id when the webview is ready to be controlled (immediately for hidden/immediate presentation, after the first page load when isPresentAfterPageLoad is true). On iOS, the promise resolves with the id as soon as the native webview is created, even if presentation is deferred. | false | 0.1.0 | | isInspectable | boolean | Whether the website in the webview is inspectable or not, ios only | false | | | isAnimated | boolean | Whether the webview opening is animated or not, ios only | true | | | showReloadButton | boolean | Shows a reload button that reloads the web page | false | 1.0.15 | | closeModal | boolean | CloseModal: if true a confirm will be displayed when user clicks on close button, if false the browser will be closed immediately. | false | 1.1.0 | | closeModalTitle | string | CloseModalTitle: title of the confirm when user clicks on close button | "Close" | 1.1.0 | | closeModalDescription | string | CloseModalDescription: description of the confirm when user clicks on close button | "Are you sure you want to close this window?" | 1.1.0 | | closeModalOk | string | CloseModalOk: text of the confirm button when user clicks on close button