customautosys commented on issue #850: URL: https://github.com/apache/cordova-android/issues/850#issuecomment-1247557570
> SameSite will now be enforced on API 31 devices. > > > Starting in API 31 on Android 12 devices, [Google](https://developer.android.com/about/versions/12/behavior-changes-12#samesite) has started enforcing SameSite policies for WebView cookies. > > Cordova cannot override this policy. > > Personally I don't use cookies so I'm not totally familiar with the SameSite policies but they have a [guide](https://web.dev/samesite-cookies-explained/) that should be able to help. It may involve making changes to your server. > > [#1417 (comment)](https://github.com/apache/cordova-android/issues/1417#issuecomment-1129514787) > > However, Cordova cannot override this policy. May require server changes to satisfy SameSite rules, or you may have to stop using cookies for Cordova-based apps. > > For this reason, I'm closing this issue as won't fix. Hi I believe the situation is now more severe with API 31. I've just tried it and my app which works on API 30 cannot work on API 31 at all due to this issue. I can't modify the server which I'm accessing through CORS as I don't have access to that server. On Electron I am able to access the response to forcibly add SameSite=None; Secure to every single cookie but for Cordova there doesn't seem to be a way to do this. I'm wondering if there's a way to override shouldInterceptRequest for the Cordova webView for people who need this fix. However, it seems that shouldInterceptRequest doesn't work for AJAX requests but only page loads? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
