Skip to content

Cap-go/capacitor-inappbrowser

BranchesTags

Repository files navigation

@capgo/inappbrowser

Capgo - Instant updates for capacitor

Capacitor plugin in app browser with urlChangeEvent, two way communication, camera and microphone usage, etc.

Why InAppBrowser?

The official Capacitor Browser plugin has strict security limitations that prevent advanced features. InAppBrowser removes these restrictions, enabling:

  • Two-way communication between your app and the browser
  • JavaScript injection for dynamic content manipulation
  • Camera and microphone access within the browser context
  • URL change monitoring for navigation tracking
  • Custom toolbars and UI for branded experiences
  • Cookie and cache management for session control
  • Custom sizes for extra control of the display position

Perfect for OAuth flows, embedded web apps, video calls, and any scenario requiring deep integration with web content.

Documentation

The most complete doc is available here: https://capgo.app/docs/plugins/inappbrowser/

Install

npm install @capgo/inappbrowser
npx cap sync

Usage

import { InAppBrowser } from '@capgo/inappbrowser'

InAppBrowser.open({ url: "YOUR_URL" });

Open WebView with Custom Dimensions

By default, the webview opens in fullscreen. You can set custom dimensions to control the size and position:

import { InAppBrowser } from '@capgo/inappbrowser'

// Open with custom dimensions (400x600 at position 50,100)
InAppBrowser.openWebView({
  url: "YOUR_URL",
  width: 400,
  height: 600,
  x: 50,
  y: 100
});

// Update dimensions at runtime
InAppBrowser.updateDimensions({
  width: 500,
  height: 700,
  x: 100,
  y: 150
});

Touch Passthrough: When custom dimensions are set (not fullscreen), touches outside the webview bounds will pass through to the underlying Capacitor webview, allowing the user to interact with your app in the exposed areas. This enables picture-in-picture style experiences where the InAppBrowser floats above your content.

Open WebView with Safe Margin

To create a webView with a 20px bottom margin (safe margin area outside the browser):

import { InAppBrowser } from '@capgo/inappbrowser'

InAppBrowser.openWebView({
  url: "YOUR_URL",
  enabledSafeBottomMargin: true
});

Web platform is not supported. Use window.open instead.

Test app and code:

https://github.com/Cap-go/demo-app/blob/main/src/views/plugins/Web.vue

Camera usage

Android

Add the following to your AndroidManifest.xml file:

    <uses-permission android:name="android.permission.CAMERA" />
		<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />
		<uses-permission android:name="android.permission.RECORD_AUDIO"/>

Then the permission will be asked when the camera is used.

iOS

Add the following to your Info.plist file:

<key>NSCameraUsageDescription</key>
<string>We need access to the camera to record audio.</string>

Microphone usage

Android

Add the following to your AndroidManifest.xml file:

<uses-permission android:name="android.permission.RECORD_AUDIO" />
<uses-permission android:name="android.permission.MODIFY_AUDIO_SETTINGS" />

Then the permission will be asked when the microphone is used.

iOS

Add the following to your Info.plist file:

<key>NSMicrophoneUsageDescription</key>
<string>We need access to the microphone to record audio.</string>

Location usage

Android

Add the following to your AndroidManifest.xml file:

<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />

Then the permission will be asked when location is requested by a website in the webview.

iOS

Add the following to your Info.plist file:

<key>NSLocationWhenInUseUsageDescription</key>
<string>We need access to your location to provide location-based services.</string>

Two way communication

With this plugin you can send events from the main app to the inappbrowser and vice versa.

The data is sent as a JSON object, so no functions or other non-JSON-serializable types are allowed.

Main app to inappbrowser, detail object is mendatory

InAppBrowser.postMessage({ detail: { message: "myMessage" } });

Receive event from native in the inappbrowser

window.addEventListener("messageFromNative", (event) => {
  console.log(event);
});

Send event from inappbrowser to main app, detail object is mendatory

window.mobileApp.postMessage({ detail: { message: "myMessage" } });

Receive event from inappbrowser in the main app

InAppBrowser.addEventListener("messageFromWebview", (event) => {
  console.log(event);
});

Close inappbrowser from inappbrowser itself

window.mobileApp.close();

API

goBack()

goBack() => Promise<{ canGoBack: boolean; }>

Navigates back in the WebView's history if possible

Returns: Promise<{ canGoBack: boolean; }>

Since: 7.21.0

open(...)

open(options: OpenOptions) => Promise<any>

Open url in a new window fullscreen, on android it use chrome custom tabs, on ios it use SFSafariViewController

Param Type
options OpenOptions

Returns: Promise<any>

Since: 0.1.0

clearCookies(...)

clearCookies(options: ClearCookieOptions) => Promise<any>

Clear cookies of url

Param Type
options ClearCookieOptions

Returns: Promise<any>

Since: 0.5.0

clearAllCookies()

clearAllCookies() => Promise<any>

Clear all cookies

Returns: Promise<any>

Since: 6.5.0

clearCache()

clearCache() => Promise<any>

Clear cache

Returns: Promise<any>

Since: 6.5.0

getCookies(...)

getCookies(options: GetCookieOptions) => Promise<Record<string, string>>

Get cookies for a specific URL.

Param Type Description
options GetCookieOptions The options, including the URL to get cookies for.

Returns: Promise<Record<string, string>>

close(...)

close(options?: CloseWebviewOptions | undefined) => Promise<any>

Close the webview.

Param Type
options CloseWebviewOptions

Returns: Promise<any>

openWebView(...)

openWebView(options: OpenWebViewOptions) => Promise<any>

Open url in a new webview with toolbars, and enhanced capabilities, like camera access, file access, listen events, inject javascript, bi directional communication, etc.

JavaScript Interface: When you open a webview with this method, a JavaScript interface is automatically injected that provides:

  • window.mobileApp.close(): Closes the webview from JavaScript
  • window.mobileApp.postMessage({detail: {message: "myMessage"}}): Sends a message from the webview to the app, detail object is the data you want to send to the webview
Param Type
options OpenWebViewOptions

Returns: Promise<any>

Since: 0.1.0

executeScript(...)

executeScript({ code }: { code: string; }) => Promise<void>

Injects JavaScript code into the InAppBrowser window.

Param Type
__0 { code: string; }

postMessage(...)

postMessage(options: { detail: Record<string, any>; }) => Promise<void>

Sends an event to the webview(inappbrowser). you can listen to this event in the inappbrowser JS with window.addEventListener("messageFromNative", listenerFunc: (event: Record<string, any>) => void) detail is the data you want to send to the webview, it's a requirement of Capacitor we cannot send direct objects Your object has to be serializable to JSON, so no functions or other non-JSON-serializable types are allowed.

Param Type
options { detail: Record<string, any>; }

setUrl(...)

setUrl(options: { url: string; }) => Promise<any>

Sets the URL of the webview.

Param Type
options { url: string; }

Returns: Promise<any>

addListener('urlChangeEvent', ...)

addListener(eventName: 'urlChangeEvent', listenerFunc: UrlChangeListener) => Promise<PluginListenerHandle>

Listen for url change, only for openWebView

Param Type
eventName 'urlChangeEvent'
listenerFunc UrlChangeListener

Returns: Promise<PluginListenerHandle>

Since: 0.0.1

addListener('buttonNearDoneClick', ...)

addListener(eventName: 'buttonNearDoneClick', listenerFunc: ButtonNearListener) => Promise<PluginListenerHandle>
Param Type
eventName 'buttonNearDoneClick'
listenerFunc ButtonNearListener

Returns: Promise<PluginListenerHandle>

addListener('closeEvent', ...)

addListener(eventName: 'closeEvent', listenerFunc: UrlChangeListener) => Promise<PluginListenerHandle>

Listen for close click only for openWebView

Param Type
eventName 'closeEvent'
listenerFunc UrlChangeListener

Returns: Promise<PluginListenerHandle>

Since: 0.4.0

addListener('confirmBtnClicked', ...)

addListener(eventName: 'confirmBtnClicked', listenerFunc: ConfirmBtnListener) => Promise<PluginListenerHandle>

Will be triggered when user clicks on confirm button when disclaimer is required, works with openWebView shareDisclaimer and closeModal

Param Type
eventName 'confirmBtnClicked'
listenerFunc ConfirmBtnListener

Returns: Promise<PluginListenerHandle>

Since: 0.0.1

addListener('messageFromWebview', ...)

addListener(eventName: 'messageFromWebview', listenerFunc: (event: { detail: Record<string, any>; }) => void) => Promise<PluginListenerHandle>

Will be triggered when event is sent from webview(inappbrowser), to send an event to the main app use window.mobileApp.postMessage({ "detail": { "message": "myMessage" } }) detail is the data you want to send to the main app, it's a requirement of Capacitor we cannot send direct objects Your object has to be serializable to JSON, no functions or other non-JSON-serializable types are allowed.

This method is inject at runtime in the webview

Param Type
eventName 'messageFromWebview'
listenerFunc (event: { detail: Record<string, any>; }) => void

Returns: Promise<PluginListenerHandle>

addListener('browserPageLoaded', ...)

addListener(eventName: 'browserPageLoaded', listenerFunc: () => void) => Promise<PluginListenerHandle>

Will be triggered when page is loaded

Param Type
eventName 'browserPageLoaded'
listenerFunc () => void

Returns: Promise<PluginListenerHandle>

addListener('pageLoadError', ...)

addListener(eventName: 'pageLoadError', listenerFunc: () => void) => Promise<PluginListenerHandle>

Will be triggered when page load error

Param Type
eventName 'pageLoadError'
listenerFunc () => void

Returns: Promise<PluginListenerHandle>

removeAllListeners()

removeAllListeners() => Promise<void>

Remove all listeners for this plugin.

Since: 1.0.0

reload()

reload() => Promise<any>

Reload the current web page.

Returns: Promise<any>

Since: 1.0.0

updateDimensions(...)

updateDimensions(options: DimensionOptions) => Promise<void>

Update the dimensions of the webview. Allows changing the size and position of the webview at runtime.

Param Type Description
options DimensionOptions Dimension options (width, height, x, y)

Interfaces

OpenOptions

Prop Type Description Since
url string Target URL to load. 0.1.0
isPresentAfterPageLoad boolean if true, the browser will be presented after the page is loaded, if false, the browser will be presented immediately. 0.1.0
preventDeeplink boolean if true the deeplink will not be opened, if false the deeplink will be opened when clicked on the link 0.1.0

ClearCookieOptions

Prop Type
url string

HttpCookie

Prop Type Description
url string The URL of the cookie.
key string The key of the cookie.
value string The value of the cookie.

GetCookieOptions

Prop Type
url string
includeHttpOnly boolean

CloseWebviewOptions

Prop Type Description Default
isAnimated boolean Whether the webview closing is animated or not, ios only true

OpenWebViewOptions

Prop Type Description Default Since
url string Target URL to load. 0.1.0
headers Headers Headers to send with the request. 0.1.0
credentials Credentials Credentials to send with the request and all subsequent requests for the same host. 6.1.0
materialPicker boolean materialPicker: if true, uses Material Design theme for date and time pickers on Android. This improves the appearance of HTML date inputs to use modern Material Design UI instead of the old style pickers. false 7.4.1
jsInterface JavaScript Interface: The webview automatically injects a JavaScript interface providing: - window.mobileApp.close(): Closes the webview from JavaScript - window.mobileApp.postMessage(obj): Sends a message to the app (listen via "messageFromWebview" event) 6.10.0
shareDisclaimer DisclaimerOptions Share options for the webview. When provided, shows a disclaimer dialog before sharing content. This is useful for: - Warning users about sharing sensitive information - Getting user consent before sharing - Explaining what will be shared - Complying with privacy regulations Note: shareSubject is required when using shareDisclaimer 0.1.0
toolbarType ToolBarType Toolbar type determines the appearance and behavior of the browser's toolbar - "activity": Shows a simple toolbar with just a close button and share button - "navigation": Shows a full navigation toolbar with back/forward buttons - "blank": Shows no toolbar - "": Default toolbar with close button ToolBarType.DEFAULT 0.1.0
shareSubject string Subject text for sharing. Required when using shareDisclaimer. This text will be used as the subject line when sharing content. 0.1.0
title string Title of the browser "New Window" 0.1.0
backgroundColor BackgroundColor Background color of the browser BackgroundColor.BLACK 0.1.0
activeNativeNavigationForWebview boolean If true, enables native navigation gestures within the webview. - Android: Native back button navigates within webview history - iOS: Enables swipe left/right gestures for back/forward navigation false (Android), true (iOS - enabled by default)
disableGoBackOnNativeApplication boolean Disable the possibility to go back on native application, useful to force user to stay on the webview, Android only false
isPresentAfterPageLoad boolean Open url in a new window fullscreen isPresentAfterPageLoad: if true, the browser will be presented after the page is loaded, if false, the browser will be presented immediately. false 0.1.0
isInspectable boolean Whether the website in the webview is inspectable or not, ios only false
isAnimated boolean Whether the webview opening is animated or not, ios only true
showReloadButton boolean Shows a reload button that reloads the web page false 1.0.15
closeModal boolean CloseModal: if true a confirm will be displayed when user clicks on close button, if false the browser will be closed immediately. false 1.1.0
closeModalTitle string CloseModalTitle: title of the confirm when user clicks on close button "Close" 1.1.0
closeModalDescription string CloseModalDescription: description of the confirm when user clicks on close button "Are you sure you want to close this window?" 1.1.0
closeModalOk string CloseModalOk: text of the confirm button when user clicks on close button "Close" 1.1.0
closeModalCancel string CloseModalCancel: text of the cancel button when user clicks on close button "Cancel" 1.1.0
visibleTitle boolean visibleTitle: if true the website title would be shown else shown empty true 1.2.5
toolbarColor string toolbarColor: color of the toolbar in hex format "#ffffff" 1.2.5
toolbarTextColor string toolbarTextColor: color of the buttons and title in the toolbar in hex format When set, it overrides the automatic light/dark mode detection for text color calculated based on toolbarColor brightness 6.10.0
showArrow boolean showArrow: if true an arrow would be shown instead of cross for closing the window false 1.2.5
ignoreUntrustedSSLError boolean ignoreUntrustedSSLError: if true, the webview will ignore untrusted SSL errors allowing the user to view the website. false 6.1.0
preShowScript string preShowScript: if isPresentAfterPageLoad is true and this variable is set the plugin will inject a script before showing the browser. This script will be run in an async context. The plugin will wait for the script to finish (max 10 seconds) 6.6.0
preShowScriptInjectionTime 'documentStart' | 'pageLoad' preShowScriptInjectionTime: controls when the preShowScript is injected. - "documentStart": injects before any page JavaScript runs (good for polyfills like Firebase) - "pageLoad": injects after page load (default, original behavior) "pageLoad" 7.26.0
proxyRequests string proxyRequests is a regex expression. Please see this pr for more info. (Android only) 6.9.0
buttonNearDone { ios: { iconType: 'sf-symbol' | 'asset'; icon: string; }; android: { iconType: 'asset' | 'vector'; icon: string; width?: number; height?: number; }; } buttonNearDone allows for a creation of a custom button near the done/close button. The button is only shown when toolbarType is not "activity", "navigation", or "blank". For Android: - iconType must be "asset" - icon path should be in the public folder (e.g. "monkey.svg") - width and height are optional, defaults to 48dp - button is positioned at the end of toolbar with 8dp margin For iOS: - iconType can be "sf-symbol" or "asset" - for sf-symbol, icon should be the symbol name - for asset, icon should be the asset name 6.7.0
textZoom number textZoom: sets the text zoom of the page in percent. Allows users to increase or decrease the text size for better readability. 100 7.6.0
preventDeeplink boolean preventDeeplink: if true, the deeplink will not be opened, if false the deeplink will be opened when clicked on the link. on IOS each schema need to be added to info.plist file under LSApplicationQueriesSchemes when false to make it work. false 0.1.0
authorizedAppLinks string[] List of base URLs whose hosts are treated as authorized App Links (Android) and Universal Links (iOS). - On both platforms, only HTTPS links whose host matches any entry in this list will attempt to open via the corresponding native application. - If the app is not installed or the system cannot handle the link, the URL will continue loading inside the in-app browser. - Matching is host-based (case-insensitive), ignoring the "www." prefix. - When preventDeeplink is enabled, all external handling is blocked regardless of this list. [] 7.12.0
enabledSafeBottomMargin boolean If true, the webView will not take the full height and will have a 20px margin at the bottom. This creates a safe margin area outside the browser view. false 7.13.0
useTopInset boolean When true, applies the system status bar inset as the WebView top margin on Android. Keeps the legacy 0px margin by default for apps that handle padding themselves. false
enableGooglePaySupport boolean enableGooglePaySupport: if true, enables support for Google Pay popups and Payment Request API. This fixes OR_BIBED_15 errors by allowing popup windows and configuring Cross-Origin-Opener-Policy. Only enable this if you need Google Pay functionality as it allows popup windows. When enabled: - Allows popup windows for Google Pay authentication - Sets proper CORS headers for Payment Request API - Enables multiple window support in WebView - Configures secure context for payment processing false 7.13.0
blockedHosts string[] blockedHosts: List of host patterns that should be blocked from loading in the InAppBrowser's internal navigations. Any request inside WebView to a URL with a host matching any of these patterns will be blocked. Supports wildcard patterns like: - ".example.com" to block all subdomains - "www.example." to block wildcard domain extensions [] 7.17.0
width number Width of the webview in pixels. If not set, webview will be fullscreen width. undefined (fullscreen)
height number Height of the webview in pixels. If not set, webview will be fullscreen height. undefined (fullscreen)
x number X position of the webview in pixels from the left edge. Only effective when width is set. 0
y number Y position of the webview in pixels from the top edge. Only effective when height is set. 0

Headers

Credentials

Prop Type
username string
password string

DisclaimerOptions

Prop Type Description Default
title string Title of the disclaimer dialog "Title"
message string Message shown in the disclaimer dialog "Message"
confirmBtn string Text for the confirm button "Confirm"
cancelBtn string Text for the cancel button "Cancel"

PluginListenerHandle

Prop Type
remove () => Promise<void>

UrlEvent

Prop Type Description Since
url string Emit when the url changes 0.0.1

BtnEvent

Prop Type Description Since
url string Emit when a button is clicked. 0.0.1

DimensionOptions

Prop Type Description
width number Width of the webview in pixels
height number Height of the webview in pixels
x number X position from the left edge in pixels
y number Y position from the top edge in pixels

Type Aliases

ClearCookieOptions

Omit<HttpCookie, 'key' | 'value'>

Omit

Construct a type with the properties of T except for those in type K.

Pick<T, Exclude<keyof T, K>>

Pick

From T, pick a set of properties whose keys are in the union K

{ [P in K]: T[P]; }

Exclude

Exclude from T those types that are assignable to U

T extends U ? never : T

Record

Construct a type with a set of properties K of type T

{ [P in K]: T; }

GetCookieOptions

Omit<HttpCookie, 'key' | 'value'>

UrlChangeListener

(state: UrlEvent): void

ButtonNearListener

(state: object): void

ConfirmBtnListener

(state: BtnEvent): void

Enums

ToolBarType

Members Value Description Since
ACTIVITY 'activity' Shows a simple toolbar with just a close button and share button 0.1.0
COMPACT 'compact' Shows a simple toolbar with just a close button 7.6.8
NAVIGATION 'navigation' Shows a full navigation toolbar with back/forward buttons 0.1.0
BLANK 'blank' Shows no toolbar 0.1.0

BackgroundColor

Members Value
WHITE 'white'
BLACK 'black'

Credits

About

Capacitor plugin in app browser with urlChangeEvent

Topics

browser capacitor capacitor-plugin

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

103 stars

Watchers

3 watching

Forks

83 forks
Report repository

Releases 39

7.29.0 Latest
Oct 30, 2025
+ 38 releases

Sponsor this project

 
Learn more about GitHub Sponsors

Contributors 31

+ 17 contributors

Languages