react-native-app-security

Feat: disable default iOS URLCache

Open Xseuguh opened this issue 9 months ago • 0 comments

What is the problem

On iOS, each request is cached in plain text within the app’s file system. A malicious user with root access could access this cache and extract sensitive data, such as credentials from a login endpoint. More details in this article.

Proposal

Deactivate the URLCache and clear the existing cache => Will it break things? In a React Native app, caching is mainly done on the JS side; this native cache does not seem to be used.

How to reproduce

  • Launch your app
  • Open the files associated with this app (for example using open $(xcrun simctl get_app_container booted <your.bundle.id> data))
  • Go to Library/Caches/<your.bundle.id>
  • Open the Cache.db

Before: https://github.com/user-attachments/assets/5c8c6894-08d5-49e7-8a66-a95de3cb4d94

After: https://github.com/user-attachments/assets/1f4ea1dd-e885-488f-b0d0-5a5d76313b06

TODO

Blocking the merge:

  • [x] add a flag to enable/disable the functionality (disabled by default)
  • [x] complete README with an Experimental tag

To go further:

  • [ ] investigate more deeply the full impact of fully disabling the cache (webview, assets, ...)

Xseuguh, Apr 16 '25 08:04
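
The manual check in "How to reproduce" can be automated as a regression test for the flag. The script below is an added example, not code from this issue or from react-native-app-security. It assumes the table and column names commonly observed in NSURLCache's Cache.db (cfurl_cache_response, cfurl_cache_receiver_data); the marker list, function names and sample database are hypothetical and constructed.

```python
import sqlite3
import tempfile
from pathlib import Path

# Assumed schema: names as commonly observed in NSURLCache's Cache.db.
QUERY = """
SELECT r.request_key, d.isDataOnFS, d.receiver_data
FROM cfurl_cache_response r
LEFT JOIN cfurl_cache_receiver_data d ON d.entry_ID = r.entry_ID
"""
MARKERS = (b"password", b"access_token", b"refresh_token")  # hypothetical list

def audit_cache_db(db_path, markers=MARKERS):
    """Return one finding per cached response; [] means nothing is cached."""
    path = Path(db_path).resolve()
    if not path.exists():
        return []  # cache file was never created
    con = sqlite3.connect(path.as_uri() + "?mode=ro", uri=True)  # read-only
    try:
        rows = con.execute(QUERY).fetchall()
    except sqlite3.OperationalError:
        return []  # tables absent: no response was ever stored
    finally:
        con.close()
    findings = []
    for url, on_fs, body in rows:
        if isinstance(body, str):
            body = body.encode()
        lowered = (body or b"").lower()
        hits = sorted(m.decode() for m in markers if m in lowered)
        # When body_on_fs is true the body lives in a separate file, not inline.
        findings.append({"url": url, "body_on_fs": bool(on_fs), "markers": hits})
    return findings

def build_sample_db(db_path):
    """Constructed sample mimicking a cached login response (not real data)."""
    con = sqlite3.connect(db_path)
    con.executescript("""
        CREATE TABLE cfurl_cache_response (entry_ID INTEGER PRIMARY KEY, request_key TEXT);
        CREATE TABLE cfurl_cache_receiver_data
            (entry_ID INTEGER PRIMARY KEY, isDataOnFS INTEGER, receiver_data BLOB);
    """)
    con.execute("INSERT INTO cfurl_cache_response VALUES (1, 'https://api.example.test/login')")
    con.execute("INSERT INTO cfurl_cache_receiver_data VALUES (1, 0, ?)",
                (b'{"access_token": "constructed-sample-value"}',))
    con.commit()
    con.close()

if __name__ == "__main__":
    sample = Path(tempfile.mkdtemp()) / "Cache.db"
    build_sample_db(sample)
    print(audit_cache_db(sample))
```

Point audit_cache_db at Library/Caches/<your.bundle.id>/Cache.db inside the simulator container after exercising the login flow; with the flag enabled the expected result is an empty list.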