Github user Sinistralis commented on the pull request:
https://github.com/apache/cordova-plugin-inappbrowser/pull/122#issuecomment-152334883
>The fact that iOS shares cookies is a defect imho.
I would be completely ok with agreeing with this. I just want constancy,
assuming...
>That said, I think what 'should' happen is that this 'feature' should be
exposed as an option.
the above is the case. Sharing cookies in an HTTP only environment is
crucial to certain workflows, assuming the cookie is not passed into the JS
code.
>Also, do domain rules apply? If so this is less of an issue. If I load
google.com inside the iab on iOS, can google.com access cookies I set from
within my app?
Yes it can, this was actually how I was testing this. I needed the tab to
log into an SSO workflow, and then on url change start making ajax requests in
the cordova webview. Currently on iOS, once the spawned iab completes it's
transaction, the cordova webview is able to make secured web calls using the
token that the iab received.
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@cordova.apache.org
For additional commands, e-mail: dev-h...@cordova.apache.org
