The Wayback Machine - https://web.archive.org/web/20211013014836/https://github.com/meteor/meteor/issues/11458
Skip to content

/ meteor Public

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Server set cookies not working on Cordova/iOS #11458

Open
menelike opened this issue Jun 1, 2021 · 3 comments
Open

Server set cookies not working on Cordova/iOS #11458

menelike opened this issue Jun 1, 2021 · 3 comments
Labels
good first issue Project:Docs Project:Mobile

Comments

@menelike
Copy link
Contributor

@menelike menelike commented Jun 1, 2021
edited

Since iOS has changed its cookie policy named as INTELLIGENT TRACKING PREVENTION (see risetechnologies/cookieTest#2 (comment) for a brief explanation) cookies set by the server are not being taken into account anymore (also see https://forums.meteor.com/t/sticky-session-using-cookies-and-cordova/44419/9).

This is especially an issue if load balancers use sticky sessions in conjunction with cookies as described in https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html

This is not an issue with the Meteor codebase itself, but it may make sense to either document this or use https://github.com/GEDYSIntraWare/cordova-plugin-webview-proxy per default along cordova-plugin-meteor-webapp.

Also, I think that at some point this issue will affect Android as well.

Which platform is affected?

Meteor in conjunction with Cordova on iOS.

What is the issue?

A cookie set in an HTTP response header is ignored on iOS.

What are the consequences of the problem?

For instance, when a load balancer sets a sticky-session cookie to link the connection with a specific server, this link won't work as the client never uses that cookie on any request. Of course, this will affect other scenarios where server-set cookies are important as well.

Are there any workarounds/solutions?

  1. A temporary solution was to use Xcode 11.x, as Xcode 12.x is mandatory since April 26, 2021 that solution is outdated.
  2. Cookies can be managed on the native level on iOS. https://github.com/GEDYSIntraWare/cordova-plugin-webview-proxy makes use of that and proxies requests through the native level. This implementation is based on WKURLSchemeTask and IMHO represents a valid long-term solution. Ionic has done something similar in cordova-plugin-ionic-webview

Motivation

While there is a viable and independent solution (cordova-plugin-webview-proxy), other Meteor developers might face the same issue and may not find a proper solution. The main goal is to document the effects of ITP on Meteor and not to provoke any changes in the Meteor codebase.

References
@StorytellerCZ
Copy link
Contributor

@StorytellerCZ StorytellerCZ commented Jun 1, 2021

I'm confused what you are trying to achieve here. You said that this does not effect Meteor, so do you just want this documented in some way on how people should manage this?
@menelike
Copy link
Contributor Author

@menelike menelike commented Jun 1, 2021

@StorytellerCZ You're absolutely right, I wrote that in a hurry, that was a bad decision.
I updated the issue description, hopefully, it is more clear now. Let me know if it needs further explanation.
@StorytellerCZ
Copy link
Contributor

@StorytellerCZ StorytellerCZ commented Jun 2, 2021

I think then this issue would be more suited for Docs: https://github.com/meteor/docs/
Or Guide: https://github.com/meteor/guide/
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
good first issue Project:Docs Project:Mobile
2 participants
@StorytellerCZ @menelike