You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cordova.apache.org by GitBox <gi...@apache.org> on 2021/04/17 23:23:07 UTC

[GitHub] [cordova-ios] adamdport opened a new issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

adamdport opened a new issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088


   # Feature Request
   Intelligent Tracking Prevention (ITP) is designed to block cross origin tracking. It seems like [App-Bound Domains are the preferred way to establish communication with a remote server](https://blog.merzlabs.com/posts/webview-history/#app-bound-domains) according to Cordova's own @niklasmerz. I've managed to get my hybrid app working with authentication cookies, even with iframes and InAppBrowser, but only after setting AppBoundDomains in my app's plist and setting `LimitsNavigationToAppBoundDomains`. The feature request is for these settings to be configurable from Cordova's `config.xml`. Additionally, appBoundDomains and both `scheme` and `hostname` should be configurable via the CLI to aid in build automation to different environments, and the docs should be updated with _at least a brief_ mention of what CORS is and how to configure it on a server.
   
   ## Motivation Behind Feature
   Any app using authentication cookies trying to switch from UIWebView to WKWebView will run into issues where cookies aren't being properly set by the authentication response. There is some confusion coming from [@niklasmerz's webkit issue](https://bugs.webkit.org/show_bug.cgi?id=213510), because Niklas's app cannot configure the domains at buildtime. However, for any app that only needs to communicate with 10 or fewer domains (I'd imagine this is _most_ hybrid apps), App Bound Domains offers a solution: 
   
   > The App-Bound Domains feature takes steps to preserve user privacy by limiting the domains on which an app can utilize powerful APIs to track users during in-app browsing. **Applications that opt-in to this new feature can specify up to 10 “app-bound” domains**
   
   I've managed to get my hybrid app working using AppBoundDomains, but it involves manually tweaking the XCode project generated by cordova after a build, which is not ideal.
   
   ## Feature Description
   If `config.xml` contains any appBoundDomains, add those to the plist generated during the ios build, and set `configuration.limitsNaviationsToAppBoundDomains = YES` in `CDVWebViewEngine.m`.
   
   ## Alternatives or Workarounds
   There are efforts to [bypass CORS restrictions altogether using a webview proxy](https://github.com/GEDYSIntraWare/cordova-plugin-webview-proxy) but this doesn't currently seem to work with iframes or inappbrowser.  There's also a request for comment in another github issue, but that issue is closed, so I'm tagging it here: https://github.com/apache/cordova-ios/issues/922#issuecomment-747362315. It should also be noted that this only seems to be needed for iOS14, since AppBoundDomains don't exist prior to that, and the app seems to work fine without it.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg edited a comment on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg edited a comment on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-815250431


   please fix these bugs.
   ios 14  cordova ios 6+ dont send cookies 
   we use aws load balance that only use cookies for "sticky session feature" 
   we need cookies to bind a user's session to a specific instance ([aws load balance](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html)) "sticky session feature"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] cparki3 commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

cparki3 commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-854784302


   Has there been any update on this? Has anyone been able to get this working with the webview proxy plugin? We are using ionic and we have a few domains we need to be able to access cookies from. Similar to @tymcdowell we have our store pages integrated in our app with iframes. Configuring the main wkwebview and adding the App Bound Domains does not work. The only thing that has worked so far is adding the "NSCrossWebsiteTrackingUsageDescription" to our plist which enables the manual settings toggle for our users. It's a terrible user experience though and we need an alternative.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] tymcdowell commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

tymcdowell commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830722981

Yes, as you mentioned, you can now set your domain in your app using either the ionic-wkwebview plugin or by using cordova-ios@6+. The latter has the wkwebview support built in as the default web view. Using WkWebView without the App Bound Domains works just fine as long as we're going against the domain defined as Hostname in config.xml. Our problem is embedding an iframe in the app for a third party vendor. HTML shows fine, but the cookie isn't stored once the user logs in via the iframe. My hope was that App Bound Domains would allow me to give iOS a list of domains that we need cookies for. The minute I turned on the app bound domains, it wouldn't go past loading Javascript in the app's index file. It appears to me that the Cordova support for WkWebView is good, but it doesn't support having the App Bound Domains in addition to it. That is why I asked how you had managed to get App Bound Domains in a Cordova app to work.

Honestly, I was curious to see someone using the Cordova WkWebView along with App Bound Domains and I cannot find that online. If you are using both and it is working, I would love to get more info.

--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-821901280


   Nothing more than I've said. Did you set the `hostname` in cordova's `config.xml` so that it matches the domain of your backend, and set `withCredentials:true` on your XHR requests?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-814264983


   No. MacOS Catalina 10.15.7, iOS 14.4, Xcode 12.4. I had uninstall/reinstall both my cordova plugins and platforms to resolve an InAppBrowser issue. I didn't re-add the AppBoundDomains to my plist or add the LimitsNavigation code to the project, but yet my cookies seem to be syncing appropriately now. It's "nice" that I don't have to tweak the build for each environment anymore, but also terrifying that it suddenly started working. But I suppose if `hostname` matches the domain of my server, then it's _supposed to_ work without opting into `LimitsNavigationToAppBoundDomains` right?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport edited a comment on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport edited a comment on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-821901280


   Nothing more than I've said. Did you set the `hostname` in cordova's `config.xml` so that it matches the domain of your backend, and set `withCredentials:true` on your XHR requests? (accidentally clicked the "close" button, sorry)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg edited a comment on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg edited a comment on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-815250431


   please fix these bugs.
   ios 14  cordova ios 6+ dont store/send cookies 
   we use aws load balance that only use cookies for "sticky session feature" 
   we need cookies to bind a user's session to a specific instance ([aws load balance](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html)) "sticky session feature"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-821899796


   @adamdport any update?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] NiklasMerz commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

NiklasMerz commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-814255600


   @adamdport Did you update iOS (beta) or Xcode? I am just wondering if Apple changed something.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-815250431


   please fix these bug.
   ios 14  cordova 6+ dont send cookies 
   we use aws load balance that only use cookies for "sticky session feature" 
   we need cookies to bind a user's session to a specific instance ([aws load balance](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html)) "sticky session feature"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport closed issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport closed issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg edited a comment on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg edited a comment on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-815250431


   please fix these bug.
   ios 14  cordova ios 6+ dont send cookies 
   we use aws load balance that only use cookies for "sticky session feature" 
   we need cookies to bind a user's session to a specific instance ([aws load balance](https://docs.aws.amazon.com/elasticloadbalancing/latest/application/sticky-sessions.html)) "sticky session feature"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830721838


   My app is a cordova app, and no I don't use the plugin. As of 6.0.0 cordova-ios supports wkwebview without any plugins.
   
   > I have no issue running against my own domain, it is just when I go outside of it, I experience issues with the cookies
   
   Are you saying cookies are working for one domain? If so, that's all I've been able to get working. My app only requires authentication with one backend. I was unsuccessful when I tried to authenticate to a different domain than my app was using. That is, if my app was hosted from app://domain1.com, it wouldn't persist cookies from domain2.com despite both being listed as app bound domains. I could only make it work if they matched. You could try the [webview proxy plugin](https://github.com/GEDYSIntraWare/cordova-plugin-webview-proxy), I think the entire purpose of that plugin was to allow connecting with multiple domains.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] tymcdowell commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

tymcdowell commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830726281


   @adamdport I now understand your comment above - "I don't understand what changed, but my app is now working without requiring AppBoundDomains, so please take this feature request with a grain of salt. If you've arrived here and have an app running on cordova-ios@6 and have functional cross-origin cookies working with or without App Bound Domains, please leave a comment. Thanks."  
   
   It isn't the app bound domains that fixed it.  It is the support for a custom domain name in cordova-ios@6+ allowing an app to identify as being served by X domain.  


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] CWBudde commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

CWBudde commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-866484941


   While there are a few other workarounds for the problem (one domain only approach, wkwebview proxy, adding NSCrossWebsiteTrackingUsageDescription), I think it's still necessary to get access to this setting. This said, it's probably not just adding a few values to the plist file, but also accessing the `limitsNaviationsToAppBoundDomains` configuration.
   
   With PR #1050 a pull request is already available to solve the configuration problem. So now, only a way to add values to the WKAppBoundDomains array within the plist file remains missing, I think.
   
   Maybe something like
   
   ```
   <preference name="AppBoundDomains">
   	<param value="example1.com"/>
   	<param value="example2.org"/>
   </preference>
   ```
   
   could be used. I won't be perfect, but at least it's possible to access this feature.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] swethachakravarthy commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

swethachakravarthy commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-902327020


   We have a cordova ios app that requires user to login via an authentication service which sets some cookies that are used later for authentication and usage of certain services. Once user is logged in, user has the ability to navigate to pages within the same domain as well as to pages that host content from a different domain via the iframe tag. And before the content is loaded into the iframe user has to be authenticated again with the same service provider that set the cookies when user first logged into the app. We are using cordova-plugin-custom-url-scheme so the the http request url for inappbrowser pages is in the format <custom scheme>://app. When user clicks on a link within our app a request is made to the external page and the content returned is displayed within the iframe but before this happens user has to be  authenticated silently through cookies that were set earlier during the initial login to the app. This workflow was working fine prior to iOS 14+ but not worki
 ng any more. Since the domain from which pages are loaded in the iframe is different from the domain that hosts the iframes(i.e. 'app' in this case) ITP goes into effect and prevents access to authentication cookies that were set outside the parent page hosting the iframe. I'm looking for a workaround so the page hosted within the iframe from another domain has access to the cookies set in the parent context and user is automatically logged in silently and content gets displayed within the iframe. I think App Bound Domains seemed to have worked well for some people to overcome ITP issues. So I added these entries in info.plist file.
   ```
   <key>WKAppBoundDomains</key>
       <array>
           <string>app</string>
          <string>**XYZ.com( domain of page hosted within the iframe)**</string>
       </array>
   ```
   I have also added the code snippet below to the method createConfigurationFromSettings in the file CDVWebViewEngine.m 
   ```
     if(@available(iOS 14.0, *)) {
           configuration.limitsNavigationsToAppBoundDomains=true;
       }
   ```
   But I'm still having the same issue of an error being displayed when user clicks on the link that opens up the page with an iframe hosting content from a web page from a different domain. The authentication step prior to navigating to iframe url fails most likely as authentication cookies set earlier are no longer accessible within the iframe. Can someone who has had a similar problem and who were able to solve this problem please let me know whats missing?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] tymcdowell commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

tymcdowell commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830707400


   @adamdport My app uses the cordova-plugin-ionic-webview and, until xcode 12, all was good.  My app does authentication with a 3rd party and now the cookie will not stick. I've changed the app to use App Bound Domains, but now I get an error on startup in the web console.  It seems to be complaining about my index.html not being part of the domain list.  Can you share how you whitelisted the main index file?


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-814254493


   I don't understand what changed, but my app is now working without requiring AppBoundDomains, so please take this feature request with a grain of salt. If you've arrived here and have an app running on `cordova-ios@6` and have functional cross-origin cookies working with or without App Bound Domains, please leave a comment. Thanks.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] adamdport commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

adamdport commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830716659


   @tymcdowell App Bound Domains don't restrict past the domain level. In other words, you can't whitelist index.html–you can only whitelist the domain that index.html is hosted under (eg. yourdomain.com if your app is served from ionic://yourdomain.com, looks like this is configured under the `hostname` preference according to the [ionic docs](https://github.com/ionic-team/cordova-plugin-ionic-webview#android-and-ios-preferences)). These domains are added in your app's plist as documented here: https://webkit.org/blog/10882/app-bound-domains/
   
   ```
   <plist version="1.0">
   <dict>
   <key>WKAppBoundDomains</key>
   <array>
       <string>example1.com</string>
       <string>example2.org</string>
       ...
   </array>
   </dict>
   ```
   
   But to be clear I don't use Ionic so I can't say for sure whether it's working there. 


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] tymcdowell commented on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

tymcdowell commented on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-830718368


   My app isn't ionic either, but the plugin resolved some early issues with the transition from UIWebView to WKWebView. I did put the hostname I set for the app in the WKAppBoundDomains and it complains about the root index file which I assume would report running under that domain. Is your app a Cordova app? You don't use this plugin? I have no issue running against my own domain, it is just when I go outside of it, I experience issues with the cookies.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org

[GitHub] [cordova-ios] victorvhpg edited a comment on issue #1088: Feature Request: Support iOS App Bound Domains to enable CORS authentication cookies

Posted by GitBox <gi...@apache.org>.

victorvhpg edited a comment on issue #1088:
URL: https://github.com/apache/cordova-ios/issues/1088#issuecomment-815250431


   please fix these bug.
   ios 14  cordova ios 6+ dont send cookies 
   we use aws load balance that only use cookies for "sticky session feature" 
   we need cookies to bind a user's session to a specific instance ([aws load balance](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-sticky-sessions.html)) "sticky session feature"


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org