问题
I am developing an app for our company; because of legacy reasons when the user logs in we use a third party JSESSIONID cookie.
Issue
What I am seeing is that the cookie when sent to the client is not saved, and therefore not sent on subsequent requests to the server. As such, the server does not think the user is logged in.
Normally I would attribute this to the blocking of 3rd party cookies feature of WebKit/View, but I have turned this off in the Safari settings.
As an FYI we have an Ionic/Cordova project that is based on the same code and it works fine in iOS.
- If I use the Add-in on MacOS (Native Outlook and Outlook Web) it works fine.
- Works fine in Chrome/Firefox as well.
- Works in Android on Outlook for Android app
Our server sets all the correct CORS headers as well.
Since the add-in is just a webapp, I can launch it directly in Safari on iOS, and login there; this also works.
I am aware that Apple regressed WebKit in version 12 (CORS related), but they fixed it in the latest version of iOS 13/MacOS. However, Outlook for iOS (WebView) does not appear to be saving cookies. I can see that looking at the requests coming to the server, they are missing the SessionID which was sent to the client.
I can also see it from the requests when I run through a proxy (Charles) that the Cookie header is not set.
It is also almost impossible to debug the WebView in Outlook for iOS (the webview does not show up in the Safari Developer menu on my Mac). I am easily able to debug other WebViews such as the mobile project mentioned above.
Question
Is the Webview configured to prevent 3rd party cookies explicitly? if yes, can it be turned off somehow? I have turned off the 3rd party tracking in Safari, but that does not appear to help.
I have been reluctant to use the DialogJS API since the login flow is working on my Mac; and this would considerable change our UX for login. Also, I have not seen any examples of using this API for a mobile project. Can it be used with a mobile project, and if so what would it look like?
All the examples relate to the desktop only.
来源:https://stackoverflow.com/questions/60063357/outlook-web-add-in-for-ios-not-persisting-3rd-party-cookies-works-in-safari