Make Android WebView not store cookies or passwords

Question

I use an Android WebView for Twitter OAuth: Twitter asks the user to log in and authorize the application, I retrieve the access token and persist it in my application.

Answer 1

You can use this to prevent cookies from being stored and clean cookies already stored:

CookieSyncManager.createInstance(this);
CookieManager cookieManager = CookieManager.getInstance();
cookieManager.removeAllCookies(callback);
cookieManager.setAcceptCookie(false);

WebView webview = new WebView(this);
WebSettings ws = webview.getSettings();
ws.setSaveFormData(false);
ws.setSavePassword(false); // Not needed for API level 18 or greater (deprecated)