Subject: Cross-Domain Access Behaviour in WKWebView – Clarification Required
Description:
We are facing a cross-domain issue in our iOS application where WKWebView loads content from one domain and attempts to access resources/data from another domain.
Current Setup:
App Platform: iOS
WebView: WKWebView
iOS Version: 26
Primary Domain: *.franconnectqa.net
Data/Analytics Domain: analytics.franconnectdev.net
SSL: Valid certificates configured
ATS: Enabled
Issue:
When WKWebView loads content from franconnectqa.net, it attempts to access resources or analytics from analytics.franconnectdev.net, resulting in cross-domain restrictions.
We would like to understand:
Does WKWebView support cross-domain resource access by default?
Are there any configuration settings that allow controlled cross-domain access?
Are there known limitations regarding cookies, local storage, or session sharing across domains?
Does WKWebView enforce additional restrictions beyond standard browser CORS policies?
Are there recommended best practices for handling cross-domain scenarios in WKWebView?
Expected Behavior:
We want to determine whether:
Cross-domain access is supported under certain configurations, OR
The recommended approach is to align all resources under the same domain.
Kindly provide guidance on the supported architecture and any configuration recommendations.