ASWebAuthenticationSession cookie

We have changed from UIWebView we used to WKWebview. Changing WebView from UIWebView to WKWebView prevents login. Regenerate the PHPSESSID on the server in the login processing of the Web application and reconfigure it as a cookie. Because ios side can not confirm the update, I think that there is a problem with cookie synchronization processing. How do I synchronize cookies in WK WebView? ◆Configuration 【ios】 ios version: iOS9 Xcode:8.3.3 Swift3 【Server】 WebServer:CentOS　framework:cakePHP 2.9.9(Using authComponent) ◆Reference processing https://qiita.com/yonell/items/bbd45c64a0068f7dc9c3 ◆Steps to Reproduce 1.Login authentication with WebAPI ⇒PHPSESSID is returned from the server Set PHPSESSID to HTTPCookieStorage.shared.cookies 2.Generate WebView with WKWebview ⇒PHPSESSID returned from the server is set to WKWebView's configuretion using WKUserScript 3.application login processing 　⇒Loading PHPSESSID obtained from server with MutableURLRequest. ※At this time, the server regenerate

Trying to understand, how is working sharedCookieStorageForGroupContainerIdentifier on iOS. According to Apple docs: You can use this method to create a persistent cookie storage available to all apps and extensions with access to the same app group. Question is - where exactly such cookie store is located, what path it is? Do I understand correctly, that path could be found using [NSFileManager containerURLForSecurityApplicationGroupIdentifier:] method?

Since introduction of iOS 11 I am having problems with cookies that seems to be intermittently blocked at startup of the webapp. First thing that happens when starting the webapp is that the user has to login. Login results in a cookie being added by the webservice. Next time the user starts the webapp the user is authenticated with information in the cookie and content is presented to the user. Sometimes this works fine but often the cookie with authentication information is not present in the request. If I then go to Settings, Safari and under section Privacy & Security change any of the settings, e.g Ask Websites not to track me, the cookie will be present in the request first time I start the web app.There doesn't seem to be any problem with missing cookies once your loged in. It's only when starting the webapp. Anyone with the same problem?

I've noticed that in Safari on OSX 10.14 beta (18A314h) that Safari isn't persisting cookies from any site.Anyone else seen that issue and anything that I can do to fix it? I've tried turning on block all cookies (which clears cookies) and this hasn't changed behaviour.Privacy Settings are: https://www.dropbox.com/s/tf92dzn6598qjae/Screenshot%202018-06-28%2022.15.15.png?dl=0Just before I file a bug report on this I thought I'd check if anyone else has seen it...Iain

Hi,I'm trying to implement DTLS server using SecureTransport. I've noticed that even if I set a cookie on a server side using SSLSetDatagramHelloCookie, it's not used at all - wireshark shows me that upon receiving 'client hello' my server immediately sends 'server hello' with certificate etc. This is not how DTLS with cookies enabled is supposed to work (and this is NOT how OpenSSL-based server works). I can see in ST's source that it is setting ctx->dtlsCookie, I can also see in coreTLS (in SSL handshake) that it can send a cookie and client hello verify message. But actual framework I have on my macOS is apparently different.Am I missing something?

Hi everyone, I am trying to use ASWebAuthenticationSession to authorize user using OAuth2. Service Webcredentials is set. /.well-known/apple-app-site-association file is set. When using API for iOS > 17.4 using new init with callback: .https(...) everything works as expected, however i cannot make .init(url: ,callbackURLScheme: ....) to work. How can i intercept callback using iOS <17.4? Do I really need to use universal links? callbackURL = https://mydomain.com/auth/callback

We have an issue with our safari extension and 3rd party cookies. Our extension injects some UI elements to website A and allow our users add items from website A to shopping cart on our website B.Our website B use cookies for authorization and in this case safari block all cookies, so when we do ajax post requests from A to B, request cookies are empty and website B can't recognize which user did request.We tried to set cookies for 24h - it doesn't help. We tried to call popup window with login function in website A from website B - result is same.Please discribe how to change our code logic to get all things work.Maybe we should use localStorage or something?

Hi I'm developing a captive portal with cookies, it works fine in devices like Macs, laptops and android devices but cookies don't work on iPhone. I'm creating cookies in js with document.cookie but the problem is when I connect my iPhone and close CNA, it destroy them and next time I try to connect, cookies don't exist anymore. Someone can help me to figure out how can I avoid CNA destroy my cookies?

We're using webview in our iOS app to show the web page. The website contains cookies and they need to be Accepted/Declined by the users by clicking on Accept or Decline button, Which is handled by the website. Apple asked us to either remove the cookies from web content or implement App Tracking Transparency. We added App Tracking Transparency and now the user is asked to allow or deny the tracking permission once the user allows then we show the cookie prompt in the webview and if they deny the permission we don't show the cookie prompt. To achieve this we've set one cookie when the user denies the permission - so that the cookie popup isn't shown. But our app still got rejected, below is the message by the apple review team - We noticed you collect data to track after the user selects Ask App Not to Track on the App Tracking Transparency permission request. Specifically, we noticed your app accesses web content you own and collects cookies for

Hi, We load request in WKWebView 'A' to render chart if chart data is live connection we fetch data from other system for that we load SAML request in WKWebVIew 'B' upon successful SAML login instead of getting the cookies of request 'B' I am getting cookies of A request. This cause a blocker for us as we just moved from UIWebView to WKWebView. Please find the attachment of sample project where I send 2nd request after 10 secs. It will be great if this issue is addressed at the earliest. Please run and test multiple times. Thanks.

I have the following problem in SFSafariViewController.It looks simliar to the CVE-2018-4110 bug.https://nvd.nist.gov/vuln/detail/CVE-2018-4110Does anybody face the same problem?## Step to reproduction**When visit new page**1. Open a website by Safari2. Go to the app which uses SFSafariViewController3. Open the same website in SFSafariViewController4. It occasionally reads cookies from Safari.**When reopen the same page again**1. Launch an app which uses the SFSafariViewController.2. Open a page in SFSafariViewController.3. Close and back to the same web site again.4. It occasionally reads cookie from the previous session of the same page before new cookie is set.## Expected behaviorSFSafariViewController should not read cookies both from Safari or from the previous session.## EnvironmentiOS 11.3.1iPhone X

Hi all,Are cookies enabled by default when using a UIWebView?My app makes use of an affiliate program to monetize the application and I can see clicks - but want to ensure that it is using cookies.Thanks

I have a Siri Intent Extension and an iOS target that both have the code let cookieStorage = HTTPCookieStorage.sharedCookieStorage(forGroupContainerIdentifier: Constant.appGroupId) os_log(🔵 createSession Cookie Count: %i, cookieStorage.cookies?.count ?? 0) sessionConfiguration.httpCookieStorage = cookieStorage ... The idea is that when I login with the app the authentication cookie is set and then Siri commands can make network calls. When the user logs out of the app I call let cookieStorage = HTTPCookieStorage.sharedCookieStorage(forGroupContainerIdentifier: Constant.appGroupId) cookieStorage.cookies?.forEach { cookieStorage.deleteCookie($0) } After logging out the above os_log within the iOS app shows 0 cookies. If I bring up Siri and issue a command the extension still shows the authentication cookie. Why is the cookie still being seen within the extension? Should deletions in the app reflect in the Siri intent extension?

Cookies is not persisted when redirecting to another site having same domain name in Safari. The same code works in chrome.

I am currently using the ability to log in with my Instagram account using ASWebAuthenticationSession and it is not working! I filled in the URL directly and there was no problem on the web, but when I run it in SwiftUI in Xcode, it doesn't work and Error: The operation couldn’t be completed. (com.apple.AuthenticationServices.WebAuthenticationSession error 2.) I get this error. I was told that I need a custom scheme to return to mobile, but the Instagram redirect URL says no custom scheme. What should I do? IDs and URLs are placed under assumption. I have no idea since this is my first implementation. Should I send the scheme URL from the website to mobile once using Django or something else? import SwiftUI import AuthenticationServices struct InstagramLoginView: View { @State private var authSession: ASWebAuthenticationSession? @State private var token: String = @State private var showAlert: Bool = false @State private var alertMessage: String = var body: some View { VStack { Text(Instagr