1. Why would you want to do something like that, when users already have a better app to browse that website, called a 'browser'?
2. Are you aware that such apps will most likely be rejected? See:
Should you still want to do such a thing, consider reading the cordova-plugin-inappbrowser documentation.
1a) Because my app is a secure messaging solution that is currently sending links to a new message via email and/or sms. When the user touches the link it opens a new tab in their browser instead of re-using the already-open tab and the result is frustrated and annoyed end-users.
1b) Because my clients are competitors to each other and want their copy of the app to have their own branding.
1c) Because my clients want to be able to use push notifications as an additional notification method in addition to the afore-mentioned email/sms.
2) This app will not be going into the app store, but distributed via the Apple Enterprise Developer program. Each of my clients will have their own membership in the program. We will be doing something similar for the Android version as well.
I have been playing with just loading my client's site through an <iframe> and I think that's going to work the way I want, but I'm having difficulty getting the ios PhoneGap developer app to behave, but that doesn't appear to be relevant to what I'm trying to accomplish with this question.
Here are some things you need to consider:
- You need some local code in order to handle network connectivity issues. If not, your app will just sit there, doing nothing. Your users aren't apt to be happy about that either.
- Since you're touting the security of the solution, you need some local code to check that the remote site you're loading really is the site you expect. Certificate pinning / fingerprinting would be a good idea.
- Don't use any native device features in your remote code: allowing access via iframe or remote code is a huge security risk -- what if someone served a malicious version of your site? Checking the cert helps here, but there are certainly ways around that as well. Don't use iframes either, since iframes have access to the web/native bridge. If you want to be reasonably safe, have your local code launch an IAB (in-app browser) to render your remote content. IAB doesnn't let remote code talk to the Cordova web/native bridge.
- Don't rely on the PhoneGap Developer app to test -- there are lots of edge cases where code will (or won't) work in the dev app, so you should always test using a regular CLI or PGB build.