- Scenario Overview:
In our app, we open an in-app browser to complete a third-party consent flow. The sequence is:
App → Website A (set cookie and redirect) → Google → Website A (check cookie) → App
After upgrading the app, the first consent attempt fails because the cookie cannot be written, causing the check cookie step to fail. However, if we use the native Safari browser, this issue does not occur.
- Observed Behavior:
| Upgrade app → Consent | ❌ Fail |
| Upgrade app → Consent fail → Consent again immediately | ✅ Pass |
| Upgrade app → Consent fail → Upgrade again after 1–2h → Consent | ✅ Pass |
| Upgrade app → Consent fail → Upgrade again after 1d → Consent | ❌ Fail |
| Install a new app → Consent | ✅ Pass |
| Upgrade app → Consent, cancel flow → Consent again | ✅ Pass |
| Install new app → Wait for upgrade → Upgrade app → Consent | ✅ Pass |
| Install new app → Wait 1–2h → Upgrade app → Consent | ✅ Pass |
- Investigation:
From Safari documentation, this seems related to Intelligent Tracking Prevention (ITP), which restricts cross-site cookie behavior during first-party interactions. However, I haven’t found a clear mitigation strategy yet.
- Question:
Has anyone encountered similar issues with Safari ITP after app upgrades? Are there recommended approaches to ensure cookies persist across this redirect flow?