You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cordova.apache.org by "ASF GitHub Bot (JIRA)" <ji...@apache.org> on 2018/09/16 17:57:00 UTC

[jira] [Commented] (CB-12145) Since Android 5 third party cookies cannot be accepted by the browser due to default policy settings

    [ https://issues.apache.org/jira/browse/CB-12145?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16616820#comment-16616820 ] 

ASF GitHub Bot commented on CB-12145:
-------------------------------------

janpio commented on issue #198:  CB-12145: (android) Allow third party cookies if parameter set
URL: https://github.com/apache/cordova-plugin-inappbrowser/pull/198#issuecomment-421804376
 
 
   Hey @tmoxon , there seems to be a merge conflict now. Could you maybe fix this? Thanks.

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


> Since Android 5 third party cookies cannot be accepted by the browser due to default policy settings
> ----------------------------------------------------------------------------------------------------
>
>                 Key: CB-12145
>                 URL: https://issues.apache.org/jira/browse/CB-12145
>             Project: Apache Cordova
>          Issue Type: Improvement
>          Components: cordova-plugin-inappbrowser
>         Environment: Android 5+
>            Reporter: Tim Moxon
>            Priority: Minor
>              Labels: android, cookies, security
>   Original Estimate: 2h
>  Remaining Estimate: 2h
>
> Since Android Lollipop / version 5 the inappbrowser cannot accept third party cookies due to changes to the default policy from the OS. The main cordova platform now accepts them by default to handle various workflows in which they are necessitated, however the inappbrowser hasn't yet followed suit.
> In my particular usage scenario this creates problems with an opened browser not being able to pass through an oauth flow to another site in the background. 
> I have a fix for this which I will commit now in association with this ticket.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org