Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

iOS CookieManager.getCookies - Check that URL has suffix of cookie do… #658

Merged
merged 1 commit into from
Jan 28, 2021
Merged

iOS CookieManager.getCookies - Check that URL has suffix of cookie do… #658

merged 1 commit into from
Jan 28, 2021

Conversation

arneke
Copy link
Contributor

@arneke arneke commented Jan 28, 2021

Connection with issue(s)

Resolve issue #449

Connected to #510 #550 #573

Testing and Review Notes

The linked issues are not detailed enough to be certain, but there is a bug in the iOS implementation of the CookieManager and the observed behaviors can be explained by this bug.

E.g. you have sites api.example.com and www.example.com. To create a cookie that is visible on both sites requires you to specify the domain as .example.com when calling setCookie.

So instead of checking whether cookie domain contains the host of the URL ".example.com".contains("www.example.com"), we should check whether the cookie domain is the suffix of the current URL: "www.example.com".hasSuffix(".example.com")

Tested by using onLoadStop and visiting a bunch of webpages, comparing with desktop browser cookies.

@pichillilorenzo
Copy link
Owner

Thanks for the fix! 👍

@pichillilorenzo pichillilorenzo merged commit c65ee34 into pichillilorenzo:master Jan 28, 2021
@pichillilorenzo
Copy link
Owner

I found a problem with this. If for example, I get all the cookies from https://flutter.dev/, the urlHost is flutter.dev (without www.), so using urlHost.hasSuffix(cookie.domain) won't get some cookies that have domain .flutter.dev (such as "_ga" or "_gid").
I think it should be to: urlHost.hasSuffix(cookie.domain) || cookie.domain.hasSuffix(urlHost).
This way we will have ".flutter.dev".hasSuffix("flutter.dev") that would be true for both cookies with .flutter.dev and flutter.dev as domain and it should work also with hosts that starts with www..
I will fix it within the next commit!

# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants