Skip to main content
Cromite blocks external app launches by default to protect your privacy. This guide explains why and how to manage external app integration.

Understanding External App Blocking

What is External App Integration?

When you click a link in a browser, it can:
  • Open within the browser
  • Launch an external app (e.g., YouTube app for YouTube links)
  • Open a Custom Tab within another app
External app launches can leak browsing data and link your web activity with in-app activity.

Privacy Implications

Data Sharing Risk

When a browser opens an external app:

Information Passed

  • URL being opened
  • Referrer information
  • User agent data
  • Session identifiers
  • Timing information

Privacy Impact

  • Links web and app browsing
  • Creates cross-platform profiles
  • Enables tracking correlation
  • Bypasses browser protections
When clicking a YouTube link: 
Default Cromite Behavior:
✓ Opens in Cromite browser
✓ Video URL stays in browser
✓ No data shared with YouTube app
✓ Browser privacy protections apply

With External Apps Enabled:
✗ Launches YouTube app
✗ Video URL shared with app
✗ Additional metadata may be passed
✗ App tracking can correlate activity
The YouTube app may receive not just the video URL, but also information that can link your browser session with your app usage.

Default Behavior

Cromite disables external app integration by default:
Status: Disabled by defaultBlocks the browser from launching external apps when clicking links or following redirects.
Status: Disabled by defaultPrevents other apps from opening Cromite in “Custom Tab” mode, which can pass tracking data.
Status: Enabled by defaultBlocks intent:// and other app scheme URLs that attempt to launch external applications.

Enabling External Apps

You can enable external app launches if needed:
1

Visit Website

Navigate to a website where you want to allow external app launches (e.g., YouTube).
2

Open Site Settings

Tap the lock icon or site info icon in the address bar.
Open site information
3

Access Permissions

Tap Site settings to view permissions for the current site.
4

Enable External Apps

Find Open links in external apps and toggle it to Allowed.
Enable external apps
5

Test Behavior

Click a link that would normally open an external app (e.g., YouTube video). Android will now prompt you to choose the app.
Enable external apps only for specific sites you trust, not globally.

Managing External App Permissions

View All Permissions

Check which sites can launch external apps:
1

Open Settings

Navigate to Settings in Cromite.
2

Site Settings

Go to Site settingsOpen links in external apps.
3

Review Sites

View all sites with external app permissions.

Revoke Permission

Remove external app access from a site:
1

Find Site

In Site settingsOpen links in external apps, locate the site.
2

Open Site Settings

Tap on the site entry.
3

Change Permission

Change the setting from Allowed to Blocked.

Custom Tab Intents

Custom Tabs are a feature that allows apps to open web content in a lightweight browser instance.

Privacy Concerns

Custom Tabs can pass referrer information that links app usage with browser activity.
When an app opens a Custom Tab:
  • The app knows what URL you’re visiting
  • Referrer headers may include app-specific identifiers
  • Your browsing session can be correlated with app activity
  • The app may receive navigation events

Cromite’s Protection

Cromite disables Custom Tab intents by default: 
External App Request:
"Open https://example.com in Custom Tab
 with referrer: android-app://com.example.app"

Cromite Response:
✓ Blocks Custom Tab intent
✓ Prevents referrer leakage
✓ Opens in normal browser tab instead
✓ No app correlation data

App Scheme URLs

App scheme URLs attempt to launch apps directly: 
intent://example.com/#Intent;scheme=https;package=com.example.app;end

Cromite’s Blocking

These schemes are blocked by default:
Blocked to prevent automatic app launches and data sharing.
Blocked to prevent apps from being launched without explicit user consent.
Removed to prevent linking between web and app contexts.

Use Cases

When to Enable External Apps

Media Streaming

  • YouTube videos
  • Spotify music
  • Twitch streams
  • Video conferencing apps

Productivity

  • Opening documents in Office apps
  • Launching calendar events
  • Opening maps in navigation apps
  • Email client integration

Social Media

  • Opening Twitter/X in app
  • Instagram links
  • Facebook posts
  • Messaging apps

Utilities

  • App store links
  • File management
  • Banking apps
  • Payment apps

When to Keep Disabled

Keep external apps disabled for:
  • General web browsing
  • News sites
  • Shopping sites
  • Sites with sensitive information
  • Unknown or untrusted sites
  • Public Wi-Fi usage
  • Privacy-focused browsing

Alternative Approaches

Share Instead of Open

Instead of allowing automatic app launches:
1

Copy Link

Long-press on a link and select Copy link address.
2

Open App Manually

Open the target app directly.
3

Paste Link

Paste the link in the app’s search or address field.
This approach gives you more control and doesn’t automatically share data between browser and app.

Use Share Menu

Share content explicitly through Android’s share menu:
1

Navigate to Content

Open the page you want to share in Cromite.
2

Open Share Menu

Tap the Share button in Cromite’s menu.
3

Choose App

Select the app you want to share to from the share menu.

Technical Details

Intent Filtering

Cromite modifies Android intent handling: 
External Intent Request:
- Action: ACTION_VIEW
- Data URI: youtube://watch?v=VIDEO_ID
- Package: com.google.android.youtube

Cromite's Response (Default):
✓ Intent blocked
✓ Opens URL in browser instead
✓ No package-specific handling
✓ No referrer information passed

Referrer Blocking

When external apps ARE enabled, Cromite still:
  • Removes Android app referrers
  • Blocks intent-specific metadata
  • Sanitizes URLs where possible
Even with external apps enabled, Cromite provides more privacy protection than standard browsers.

Global Settings

Enable External Apps Globally

Not recommended for privacy reasons.
To enable external apps for all sites:
1

Open Settings

Navigate to SettingsSite settings.
2

External Apps

Find Open links in external apps.
3

Change Default

Change the default from Blocked to Allowed.

Disable External Apps Globally

Ensure maximum privacy:
1

Open Settings

Navigate to SettingsSite settings.
2

External Apps

Find Open links in external apps.
3

Block All

Set default to Blocked and clear all site exceptions.

Troubleshooting

Check:
  1. External app permission is enabled for the site
  2. The target app is installed
  3. Android system has default app associations set
  4. The link is actually an app-compatible URL
Expected Behavior: Custom Tabs are disabled by default.Note: There is no built-in way to enable Custom Tabs in Cromite due to privacy concerns. Consider using the Share menu instead.

Privacy Recommendations

Best Practices

  • Keep external apps disabled by default
  • Only enable for specific trusted sites
  • Regularly review permissions
  • Use Share menu for explicit sharing

High Privacy

  • Never enable external apps globally
  • Avoid app launches on sensitive sites
  • Use isolated browser profiles
  • Copy/paste links manually when needed
External app integration is part of Cromite’s broader privacy features:
For maximum privacy, combine external app blocking with other Cromite privacy features like cookie partitioning and referrer removal.

Build docs developers (and LLMs) love

Get started for freeTalk to us