cordova-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jim Trainor (JIRA)" <j...@apache.org>
Subject [jira] [Comment Edited] (CB-11045) Use the custom CDVWebViewEngine and add automatic cookies sharing
Date Tue, 20 Mar 2018 22:51:00 GMT

    [ https://issues.apache.org/jira/browse/CB-11045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16407148#comment-16407148
] 

Jim Trainor edited comment on CB-11045 at 3/20/18 10:50 PM:
------------------------------------------------------------

Yes, you do need a landing page after the login in order to add the JWT generation.  In my
case I am using OpenID and the final step redirects to a success page. That's where I implement
the JWT logic. 

If you have no choice but to share cookies then I suggest you look for plugins that let you
do that (i.e. share the cookie cache between the cordova app and the webview).  I investigated
that option, and they do exist, but I did not attempt an implementation.  Even with that,
it wouldn't work in my case, because some OpenID  providers (Google, at least) detect the
webview and prevent the login - they want it going through the system browser because the
user experience is better (because their login is remembered, hence no need to renter credentials).


was (Author: jptrainor):
Yes, you do need a landing page after the login in order to add the JWT generation.  In my
case I am using OpenID and the final step redirects to a success page. That's where I implement
the JWT logic. 

If you have no choice but to share cookies then I suggest you look for plugins that let you
do that (i.e. share the cookie cache between the cordova app and the webview).  I investigated
that option, and they do exist, but I did not attempt an implementations.  Even with that,
it wouldn't work in my case, because some OpenID  providers (Google, at least) detect the
webview and prevent the login - they want it going through the system browser because the
user experience is better (because their login is remembered, hence no need to renter credentials).

> Use the custom CDVWebViewEngine and add automatic cookies sharing
> -----------------------------------------------------------------
>
>                 Key: CB-11045
>                 URL: https://issues.apache.org/jira/browse/CB-11045
>             Project: Apache Cordova
>          Issue Type: Wish
>          Components: cordova-plugin-inappbrowser
>         Environment: iOS, Android
>            Reporter: Masmejean Jonathan
>            Priority: Critical
>              Labels: CDVWebViewEngine, android, cookies, inappbrowser, ios
>
> Hello,
> With the new version of cordova-lib (>=5.4.x), cordova-ios (>=4.x) and cordova-android
(>=5.2.x) you have the ability to choose a WebView engine for your app. 
> On iOS, you have the ability to use the new WKWebView engine and for Android you can
use for example the CrossWalk WebView which use the latest chromium WebView for android.
> At the moment, with InAppBrowser plugin you are using the default/old/basic WebView system
(UIWebView or Chromium 4.4 WebView). So, for every users that need/want to use the new WebView
system for their app encounters a lot of issues, especially with cookies sharing functionality...
Which is really sad when you are using an external Authentication system (like Keycloack)
to log you users in or out, and when you are using secured iFrames that need cookies to bet
set on your app.
> It could be great to make the InAppBrowser plugin use the CDVWebViewEngine everywhere
and had automatic cookies sharing between the app and the popup (and vice versa). 
> That should avoid the merge and fix the https://github.com/apache/cordova-plugin-inappbrowser/pull/122
issue.
> Have you planned to use this new engine already ? If it is the case, when do you think
it will be released ?
> Thank you for you time.
> Regards.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@cordova.apache.org
For additional commands, e-mail: issues-help@cordova.apache.org


Mime
View raw message