search

ionic-team / ionic-v3

The repo for Ionic 3.x. For the latest version of Ionic, please see https://github.com/ionic-team/ionic
Other
127 stars 86 forks source link

ios api calls fail to send session cookie via ssl since 16/01/2020 #1086

Open ShayShaked opened 4 years ago

ShayShaked commented 4 years ago

This issue is not Ionic issue but seems like a problem for Ionic apps working with .Net Web API as server side.

Current behavior: Since 16/01/2020 most of our ios 13.x users having issues with sending API calls (via https) to our backend. It looks like that the session cookie isn't been sent back to the server what causing the server to return empty session data (session data being stored in the server). Hence, it looks like the problem caused by the ios webview not storing the cookie that being generated by the server. Also, the strange thing is that the app works fine in test environment which works without https. We saw alot of issues about WKWebView but non was helpful.

Our backend written in C# Web API. Our app worked fine from 06/2017 until yesterday.

Expected behavior: API calls being sent to the server succeed with retreiving and sending the matching session cookie.

Steps to reproduce: Create simple Web api server app that works over https. Send data from the ios client app to the server. server will store some specific user data in session. Than ios app will try to send another api call to retreive the stored data.

Other information: https://github.com/ionic-team/ionic/issues/18178

Ionic info: (run ionic info from a terminal/cmd prompt and paste output below):

Cordova CLI: 8.0.0 Ionic Framework Version: 2.0.0-rc.4 Ionic CLI Version: 2.2.1 Ionic App Lib Version: 2.2.0 Ionic App Scripts Version: 1.0.0 ios-deploy version: 1.9.2 ios-sim version: Not installed OS: macOS Node Version: v10.15.3 Xcode version: Xcode 11.3 Build version 11C29

longgt commented 4 years ago

https://bugs.webkit.org/show_bug.cgi?id=200857 https://bugs.webkit.org/show_bug.cgi?id=204109

longgt commented 4 years ago

@ShayShaked I saw you left a comment on 200857 issue, and this is a WebKit bug, not Ionic, right?.

ShayShaked commented 4 years ago

@longgt After much research seems like webkit update + microsoft update (I think it's KB4532997) for SameSite default value in web.config (server is .Net Web API), not Ionic problem. But, I think this issue is related to all hybrid apps and platforms that work with .Net Web API. We didn't solve the issue yet, as it seems like after a fix in the server we encounter a problem with iOS 12+. I'll update the subject of the issue. thanks!!