Closed dpix closed 6 years ago
Hi @dpix, thanks for reporting this issue.
In our standard integration, the SDK is integrated into the page directly instead of in an iframe, which has been tested with Safari's "Intelligent Tracking Prevention," but our goal is of course to make our SDK as flexible, resilient, and cross-browser consistent as possible, so I consider this a bug. We're investigating ways we can avoid this issue and will get back to you.
Thanks again.
Thanks @froodian
I'm not specifically using the SDK inside an IFrame. I work on a payments platform where our web app is often loaded into a merchant's website via an IFrame. Other times, users go directly to the site in the top frame of the browser which works perfectly well. Does that fall outside of a "standard integration"?
Anyway, thanks for investigating!
Cheers, Dan
Hi @dpix - thank you for your patience - version 2.2.3 of the SDK has now been released to https://js.appboycdn.com/web-sdk/2.2/appboy.min.js / https://js.appboycdn.com/web-sdk/2.2/service-worker.js and based on our testing should hopefully resolve this issue. Let me know if you still see this issue with the latest version of the Web SDK.
I'm seeing the error described in this stackoverflow question when calling appboy.openSession: https://stackoverflow.com/questions/39712455/indexdb-dom-exception-18-security-ios-10-iframe
As part of Safari's "Intelligent Tracking Prevention" they basically disable third party cookies in an Iframe when the user has not visited the page outside of an Iframe previously. Appears that this is also the case for access for IndexedDB.
The MDN article does note:
https://developer.mozilla.org/en-US/docs/Web/API/IndexedDB_API/Using_IndexedDB#Security
Looks like you need a check to see if you can set third party cookies, and if not fall back to another storage medium.