ASWebAuthenticationSession cookie

Have you tried deleting all of the cookies in browser or loading the console in a private window? There may be an issue at the browser level with some cached data.

Hi. Thanks for your prompt reply. I am also not concerned about Cordova. I have this new implementation that I need to work on regarding PIV related authentication in WKWebView. Please let me explain the scenario below. A PIV (Personal Identity Verification) card converts to a digital certificate by essentially extracting the cryptographic key pair stored on the card and embedding it into a digital certificate file, which can then be used for authentication and digital signing purposes. I am intending to use it in my iOS app which uses WKWebView and has Okta SSO for SAML Authentication. I am aware that this PIV digital certificate will be stored in iOS device through MDM. There are few questions that I have related to this implementation: As you mentioned that these certificates does not get stored in the form of .p12, then please let me know how and which format do they get stored. How can I use these digital certificates in my app when the SSO asks for authentication through PIV. For POC purposes, I have ad

We have already given the authentication in all the API services. And we are getting the valid cookie in browser. But cookie is not storing in the header request while calling the API using the JavaScript method. We are not using the swift and objective code in my application. Kindly suggest how we can set the cookie in header request using the JavaScript in the Cordova framework?

I disagree with your assessment that this is kind of how HTTP cookies work. The RFC you link is for how a server needs to interpret a cookie sent to it not how a client should implement creation of one. I think others would likely agree that this is a wart and that setting secure to false would result in the correct behavior of not setting the secure attribute on the cookie. It also make coding something simple like .secure: environment().isSecure() into another if statement that every person coming after will question why it's done this way and then eventually figure it out. The only reason I agree that this likely needs to stay the same is it's a pretty big breaking change at this point and many apps are likely working by accident as setting .secure to anything other than true makes no sense. Anyway... wasted more hours than I would like to admit on this as I was also adding a new networking library as well as adding cookies to the app so I spent a lot of time debugging t

I'm a freelancer in iOS development but every now and then I get a request to make small websites for distant relatives or friends or acquaintances of them. I don't like those heavy weight websites that take ages to load (hello WIX) with tons of js and those damned cookies. On the other hand I don't like to make static websites myself in html like in the 90s which look super sparse (though they load very fast). What I would really like is to make use of my Swift/SwiftUI knowledge in web. Been thinking about some minimal framework or some kind of method to do that. Found some toy projects but I don't want to bring the iOS L&F to the web, I want websites to look like websites but made with SwiftUI. No more CSS and HTML. Compiling SwiftUI to html is the first naive idea that comes to mind. But I lack the broad knowledge of web technologies out there so I find myself unable to devise anything that could nearly rival other sophisticated frameworks.

Added more point to clear the issue about cookie store issue in safari browser. Our application uses cookies to remember user login. Every auth API call we make, the browser attaches server-set HTTPOnly cookie with the API request and gets a response. This behaviour seems to be broken in safari after Sequoia release. I read about the cross-site cookie security implemented by safari and our server team added SameSite=None;Secure while setting the cookie. Even after that, it still doesn't work. Cookies are stored in the safari browser but it is not added into the request header on API call. Javascript API code to make requests with httpclient to get the response using Cordova framework in mobile app. The problem is on iOS/safari , the subsequent request does not send the cookie Header with the value. Android is working fine with the same code. Only Issue in iOS device. System Information- OS - Sequoia 15.1 Safari - 18. iOS Simulator - 18.1 Mobile ap

I don't know this might be related or not. But similar problems has occurred here: https://forums.developer.apple.com/forums/thread/764279. Not through Cookie API, fetch() API also can't include cookie which is possible in macOS 17.

I've been battling this same issue for at least 6 months now on an M2 Macbook Air (Model # MLXW3X/A). It doesn't seem to be a local disk space error, nor a RAM usage issue. Sometimes it seems like clearing browsing data (browser cache and cookies) seems to help, but it isn't a consistent fix.