cordova-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sinistralis <...@git.apache.org>
Subject [GitHub] cordova-plugin-inappbrowser pull request: Added Android cookie sha...
Date Thu, 29 Oct 2015 21:34:56 GMT
Github user Sinistralis commented on the pull request:

    https://github.com/apache/cordova-plugin-inappbrowser/pull/122#issuecomment-152334883
  
    >The fact that iOS shares cookies is a defect imho.
    
    I would be completely ok with agreeing with this. I just want constancy, assuming...
    
    >That said, I think what 'should' happen is that this 'feature' should be exposed as
an option.
    
    the above is the case. Sharing cookies in an HTTP only environment is crucial to certain
workflows, assuming the cookie is not passed into the JS code.
    
    
    
    >Also, do domain rules apply? If so this is less of an issue. If I load google.com
inside the iab on iOS, can google.com access cookies I set from within my app?
    
    Yes it can, this was actually how I was testing this. I needed the tab to log into an
SSO workflow, and then on url change start making ajax requests in the cordova webview. Currently
on iOS, once the spawned iab completes it's transaction, the cordova webview is able to make
secured web calls using the token that the iab received.


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastructure@apache.org or file a JIRA ticket
with INFRA.
---

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org


Mime
View raw message