Point of URLSessionConfiguration.httpCookieAcceptPolicy?

UI Frameworks UIKit
invalidname OP
Created Jul ’17
Replies 0
Boosts 0
Views 429
Participants 1

I came across the 

httpCookieAcceptPolicy
on 
URLSessionConfiguration
and assumed it would take precedence over the 
HTTPCookieStorage.cookieAcceptPolicy
, being more narrowly-targeted (ie, just to sessions that use this configuration, and the tasks those sessions create).


In fact, that seems not to be how it works. Consider the following playground:


import Foundation
import PlaygroundSupport
func refuseCookiesRemote() {
    let configuration = URLSessionConfiguration.default
    configuration.httpCookieAcceptPolicy = .never // doesn't seem to matter!
    // configuration.httpShouldSetCookies = false // this actually matters
    guard let url = URL(string: "https://www.httpbin.org/cookies/set?refusedcookie=true")
        else { return }
    let session = URLSession(configuration: configuration)
    let task = session.dataTask(with: url) { data, response, error in
        print ("refuseCookiesRemote() got response")
        if let configCookies = configuration.httpCookieStorage {
            print ("configuration's cookies: \(configCookies.cookies(for: url) ?? [])")
            print ("storage's cookies: \(HTTPCookieStorage.shared.cookies(for: url) ?? [])")

        }
    }
    task.resume()
}
refuseCookiesRemote()
PlaygroundPage.current.needsIndefiniteExecution = true


So, the idea here is to create a configuration, give it the never-accept cookie policy, and then hit up the httpbin.org service that sets cookies (with name/value pairs set in the URL's query arguments).


My expectation here is that since the session is configured to never accept cookies, the print()s will show no cookies being set, either in the configuration's cookie storage nor in the shared instance of HTTPCookieStorage.


Instead, the cookie gets accepted and set in both of them. Here's the output:


refuseCookiesRemote() got response
configuration's cookies: [<NSHTTPCookie
  version:0
  name:refusedcookie
  value:true
  expiresDate:'(null)'
  created:'2017-07-19 20:34:42 +0000'
  sessionOnly:TRUE
  domain:www.httpbin.org
  partition:none
  path:/
  isSecure:FALSE
path:"/" isSecure:FALSE>]
storage's cookies: [<NSHTTPCookie
  version:0
  name:refusedcookie
  value:true
  expiresDate:'(null)'
  created:'2017-07-19 20:34:42 +0000'
  sessionOnly:TRUE
  domain:www.httpbin.org
  partition:none
  path:/
  isSecure:FALSE
path:"/" isSecure:FALSE>]


Am I misunderstanding how this works? Jump to definition doesn't give me a header doc for the Swift property, but if I look up NSURLSessionConfiguration's HTTPCookieAcceptPolicy, its header doc says:


/* Policy for accepting cookies.  This overrides the policy otherwise specified by the cookie storage. */


Thanks in advance.


—Chris

Replies  0
Boosts  0
Views  429
Participants  1
Point of URLSessionConfiguration.httpCookieAcceptPolicy?
First post date Last post date
 
 
Q