ASWebAuthenticationSession cookie

Hi, I created an SSO extension that works fine. The extension triggers for my domain when I need to run an OIDC flow by the authorize path of my issuer. I finish the whole OIDC flow inside the extension and get the required parameters (access token, ID token, state, etc.), and build the Location header to return to the caller (in my case it triggers from Safari). I also attach the Set-Cookie with my cookies. For completion, I call the authorizationRequest?.complete(httpResponse: response, httpBody: nil) with a 302 code response I create which contains the cookies and the Location header. My problem is that the Safari gets the response with the redirect, removes the Extension, and a sec after the extension triggers again with the same authorize request. All this happens in a loop without stopping, unless I call authorizationRequest?.doNotHandle(). I checked the Location header to a similar one from a regular web flow that works fine (without the extension) and both are the same. Any

we encountered a strange problem when using NSURLSession with watchkit 2, ios 9.0.most headers and cookies are returned from the server (using HTTPS)but the single sign on cookie is missingwhen running the exact same code in an iphone application (request via NSURLSession) the cookie is visible in the shared cookie storage.I've read alot of posts on how to add headers via the HTTPAdditionalHeaders, but this specific cookie should have been returned from the serverwhy would one specific cookie go missing while the others are returned?

User1(Android) and User2(iOS) are logging into the mobile application. User1 successfully logs into the application. Later when user2 logs in, he sees User1's details. The request flows to the server in below structure: Mobile hybrid app (Cordova plugin, Temenos UXP) -> GTM -> LTM -> LBs ->DC1/2 server Is there any possibility that two sessions getting overlapped with user details (Local storage/Session storage getting mixed) ? Is there any possibility of data overlapping at the cookie/cache level ? User 1 (android) logs in and after few minutes user 2 (iOS) logs in, before user 2 (iOS) logs in, User 2 is able to see user 1 details. Is it somewhere needs to checked at OS/Web browser/Plugins/Dependencies other than session level ?

I'm using a webview for the UI of my application, this uses a cookie for the login process. This cookie is only for handling the login and isn't used for advertising, tracking or sharing with third parties. My store submission is failing because the application doesn't show the App Tracking Transparency prompt. My understanding from reading the documentation is this is required if you're tracking the user through multiple apps/websites and/or passing that data to third parties or for targeted advertising. The application does none of these things, therefore from the documentation I shouldn't need to show the App Tracking Transparency prompt. Is it the case that the use of cookies at any point for any reason within a web view within an application require the use of the App Tracking Transparency prompt, as I feel this should have been highlighted within the documentation if this is the case?

My app was recently rejected because of non-compliance with App Tracking transparency because, while I do not use any kind of tracking in my app whatsoever, I do link out to the website that my company owns, and on that site, there are cookies. I obviously cannot control what the website does as I'm not on that team. Is there any way to launch a website that uses cookies without requiring the ATT popup? I've heard that SFSafariViewController is sufficient but WKWebview is not. Is this true? Is there something I can do to launch to the website (for things like FAQs) but avoid requiring the ATT popup?

Safari has been working fine since Monday. Here we are 6 days later and Safari on my iPhone wont load any websites without crashing. The app itself doesnt crash, just the tab crash's. Says problem repeatedly happened on this webpage and page title changes to Webpage Crashed. I have cleared all cookies and data, rebooted phone several times, perform force reboot/reset. I'm kind of surprised that I'm the only one reporting this issue.

Hi everyone, I am trying to download Xcode from command line the following way: wget --certificate=certificate.pem --private-key=private-key.pem --server-response https://download.developer.apple.com/Developer_Tools/Xcode_13.3.1/Xcode_13.3.1.xip --no-check-certificate --load-cookies=cookies.txt I am getting the following error: HTTP request sent, awaiting response... 302 Moved Temporarily Location: https://developer.apple.com/unauthorized/ I have the certificate and private key from developer.apple.com and I am using them for authentication(correct me if I am wrong and they cannot be used for authentication). From several forums I found that the error regarding authorization could also be from cookies, so I got the cookies. Still the same error. I need the download of Xcode to be done from command line so that I can then automate the procedure using ansible playbooks (basically for the purpose of downloading and installing it on multiple mac machines.) Please, if the approach is ent

I submitted my app for review for the third time and it was rejected for the third time. This is cited as the reason for rejection. But I don't want to disable user login because I'm sure this will cause some security problems. How can I overcome this problem. Guideline 5.1.1 - Legal - Privacy - Data Collection and Storage We noticed that your app requires users to register or log in to access features that are not account based. Apps may not require users to enter personal information to function, except when directly relevant to the core functionality of the app or required by law. For example, an e-commerce app should let users browse store offerings and other features that are not account based before being asked to register, or a restaurant app should allow users to explore the menu before placing an order. Registration must then only be required for account-specific features, such as saving items for future reference or placing an order. Next Steps To resolve this issue, please revise your app to let us