[
https://issues.apache.org/jira/browse/CB-13655?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Joe Bowser resolved CB-13655.
-----------------------------
Resolution: Won't Fix
This is a Chromium bug, closing.
> Android Cordova App with IFrames Chrome 63 No Request Headers Cookies
> ---------------------------------------------------------------------
>
> Key: CB-13655
> URL: https://issues.apache.org/jira/browse/CB-13655
> Project: Apache Cordova
> Issue Type: Bug
> Components: cordova-android
> Environment: Chrome 63 android devices
> Reporter: Faisal Akhtar
> Assignee: Joe Bowser
> Priority: Blocker
>
> Since the release of Chrome 63 on Android, on the 6th December 2017, I have
> encountered a problem with my companies Cordova based Android app. This app
> includes IFrames that allow users to navigate parts of my companies eCommerce
> website from within the app.
> The navigation between pages loaded in the IFrames no longer send any cookie
> information in the Request Headers.
> Information such as Session Ids that are stored in a cookie are not passed
> across to the next page, which in turn causes the next page to start a whole
> new user session!
> What is strange however is that any AJAX calls preformed within a page on the
> IFrames (e.g. To retrieve the number of items in the basket) and asset
> requests (css js, image files etc) do send cookie information in the request
> headers fine. The session id in these headers are identical between pages,
> indicating session persistence.
> Cookies are being created ok and I can see them when using the Chrome
> developer tools within the Application panel under the companies domain. They
> just aren't being passed to the next page.
> I experienced this issue on an Android 7.1.1 device. When I disable the
> Chrome app on this device the cookie request headers in the IFrames in the
> app begin to work fine again, presumably the Cordova Webview is no longer
> using Chrome when it is disabled?
> Does anyone know what may be causing this issue? Could it be anything related
> to SameSite cookies or Strict site isolation changes or other security
> related changes in Chrome 63?
> The issue appears similar to this Chromium bug that was fixed October 2016:
> https://bugs.chromium.org/p/chromium/issues/detail?id=634311
> The Webview does however have ThirdParty cookies enabled in the
> SystemCookieManager class of the Cordova library (Cordova Android 6.4.0):
> {code:java}
> if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.LOLLIPOP) {
> cookieManager.setAcceptThirdPartyCookies(webView, true);
> }
> {code}
> Apologies if I haven't specified anything clearly enough. I'm happy to
> provide additional information if anyone can help with this issue.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
