RT @all_secured
Quick reminder: No matter which app you're using (Instagram, Whatsapp, Facebook, etc.), DO NOT use the in-app browser. In other words, if you want to visit a website, click on the link and either copy/paste it into a separate browser or find the "open in default browser" setting.
@biguenique I think you should ask to Josh @all_secured on Twitter. I RT this tweet https://twitter.com/all_secured/status/1561809252104159237?s=21&t=qNYYtK4eMysxZYdqtutY4w Anyway, I think that there could be risks because you don't know the proprietary code of the app and so what the in-app browser do.
@biguenique you can read this post https://krausefx.com/blog/ios-privacy-instagram-and-facebook-can-track-anything-you-do-on-any-website-in-their-in-app-browser and that one https://krausefx.com/blog/announcing-inappbrowsercom-see-what-javascript-commands-get-executed-in-an-in-app-browser Maybe they could be helpful to you.
@nicfab Just stumbled on this (in French) : https://www.01net.com/actualites/tiktok-surveille-tout-ce-que-vous-tapez-compris-mots-passe.html
Apparently, the in-app browser can steal your passwords and whatever you type in. Makes sense.