Closed astapinski closed 2 years ago
Bump, I'd like to get this PR merged in if possible. Let me know if there's any concerns.
:tada: This PR is included in version 6.2.0 :tada:
The release is available on:
Your semantic-release bot :package::rocket:
Awesome, thanks!
Description
I'm submitting a PR to implement the Android CookieManager removeSessionCookies method. Docs on what this does exactly are at the Android CookieManager documentation. As a quick description, this lets developers remove all cookies that are session cookies. These are cookies with no Expires attribute.
We use Rails with the Devise gem to handle authentication. Rails sets a session cookie with no Expires attribute and a remember user cookie with a desired expiry. Currently, the session cookie will never be removed as per how Android operates so the remember period is effectively ignored on Android. So implementing this method will give RN developers a way of controlling whether they want to clear these out. As an example, we call this prior to checking with an API call if the user is still logged in during the startup of the app.
Type of change
How Has This Been Tested?
I have used MITMProxy with an Android API 30 emulator and a API 28 LG G6 phone to verify that session cookies can be removed prior to performing a
fetch
call in RN and it removes the session cookies from the next call correctly. This should also work for Android webviews as well.