silkimen / cordova-plugin-advanced-http

Cordova / Phonegap plugin for communicating with HTTP servers. Allows for SSL pinning!
MIT License

[Bug] [iOS] cookies not stored when automatically following redirects #436

Closed fishbone1 closed 2 years ago

fishbone1 commented 3 years ago

Describe the bug

Cookies of redirecting HTTP responses (e.g. status code 302) are not stored. Only the cookies of the redirection's target location HTTP response are stored.

System info

Minimum viable code to reproduce

If applicable, add formatted sample coding to help explain your problem.

e.g.:

cordova.plugin.http.setFollowRedirect(true);
cordova.plugin.http.sendRequest(MY_URL, {}, () => {
    // Cookies of MY_URL will be missing. Cookies of the redirection target are available
    console.log(cordova.plugin.http.getCookieString(MY_URL));
}, console.error);

Workaround

This patch solves the problem. But I'm not sure if it follows the redirect correctly in all cases. For instance I'm not sure how to treat headers. Send the same headers to the redirection target? At the moment it works for us:

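// Install the wrapper only once; the original functions are kept on window.
if (!window.originalSendRequest) {
    // Disable native redirect following so each 3xx response is returned to JavaScript.
    cordova.plugin.http.setFollowRedirect(false);
    window.oxDoFollow = true;
    window.setFollowRedirect = cordova.plugin.http.setFollowRedirect;
    // Callers only toggle the JS-level flag; native following stays disabled.
    cordova.plugin.http.setFollowRedirect = function(doFollow) {
        window.setFollowRedirect(false);
        window.oxDoFollow = doFollow;
    }
    window.originalSendRequest = cordova.plugin.http.sendRequest.bind(cordova.plugin.http);
}
cordova.plugin.http.sendRequest = function(url, options, onSuccess, onError) {
    // With native following disabled, a 3xx response arrives in the error callback.
    window.originalSendRequest(url, options, onSuccess, function(r) {
        if (window.oxDoFollow && r.status >= 300 && r.status < 400) {
            // Follow manually; options (including headers) are resent unchanged to the target.
            cordova.plugin.http.sendRequest(r.headers.location, options, onSuccess, onError);
            return;
        }
        onError.apply(this, arguments);
    });
};
cordova.plugin.http.setFollowRedirect(true);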
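
The post above leaves open whether the same headers should go to the redirection target. The following is an added example, not code from the post or from the plugin: a manual redirect follower that keeps credential headers only on same-origin hops, resolves relative `Location` values, refuses HTTPS-to-HTTP downgrades and caps the hop count. The names `followRedirects`, `headersForHop` and `stubSend`, the error objects and the example hosts are assumptions; `send` stands in for `sendRequest` with native following disabled.

```javascript
// Added example, not plugin code. `send` has the shape the workaround wraps:
// send(url, options, onSuccess, onError); a 3xx arrives in onError as {status, headers}.
const CREDENTIAL_HEADERS = ['authorization', 'cookie', 'proxy-authorization'];

function headersForHop(headers, fromUrl, toUrl) {
  // Same origin keeps every header; a different origin loses the credential ones.
  if (new URL(fromUrl).origin === new URL(toUrl).origin) return { ...headers };
  const kept = {};
  for (const [name, value] of Object.entries(headers || {})) {
    if (!CREDENTIAL_HEADERS.includes(name.toLowerCase())) kept[name] = value;
  }
  return kept;
}

function followRedirects(send, url, options, onSuccess, onError, maxHops = 5) {
  options = options || {};
  send(url, options, onSuccess, function (r) {
    const headers = (r && r.headers) || {};
    const location = headers.location || headers.Location;
    if (!(r && r.status >= 300 && r.status < 400 && location)) return onError(r);
    // The error objects below are constructed for this example.
    if (maxHops <= 0) return onError({ status: -1, error: 'too many redirects' });
    let next;
    try {
      next = new URL(location, url); // resolves a relative Location against the current URL
    } catch (e) {
      return onError({ status: -1, error: 'invalid Location header' });
    }
    const downgrade = new URL(url).protocol === 'https:' && next.protocol === 'http:';
    if (!/^https?:$/.test(next.protocol) || downgrade) {
      return onError({ status: -1, error: 'redirect target refused' });
    }
    const nextOptions = { ...options, headers: headersForHop(options.headers, url, next.href) };
    if (r.status === 303) { // 303 See Other: repeat as GET without the request body
      nextOptions.method = 'get';
      delete nextOptions.data;
    }
    followRedirects(send, next.href, nextOptions, onSuccess, onError, maxHops - 1);
  });
}

// Constructed stub transport so the example runs offline; it records each hop.
function stubSend(routes, log) {
  return function (url, options, onSuccess, onError) {
    log.push({ url, method: options.method, headers: options.headers });
    if (routes[url]) onError(routes[url]);
    else onSuccess({ status: 200, url });
  };
}
```

In the app, `send` would be the plugin's original `sendRequest` bound as in the workaround, so each intermediate response is still processed by the plugin before the next hop is issued.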

chun-baoluo commented 3 years ago

@silkimen Same problem here on both Android and iOS. Can you check this out? Currently, I can't perform OAUTH authorisation properly.

andmar8 commented 3 years ago

I'm not sure, but this sounds very much like a problem I'm experiencing: on authentication (with setFollowRedirects set to true) we are having users report they struggle to log in or, on app reload, lose a login session... which sounds like they are losing or not having cookies issued. We are yet to be able to actually reliably replicate the problem in a test environment but have plenty of users saying something is wrong with authentication.

"If" this is the same thing, I can report I'm using v3.1.0 of the plugin, cordova android 9.0.0 and ios 6.1.1, and it "seems" to be happening exclusively on iOS. Most reports curiously seem to be iOS 14.7.1 (that could be a coincidence), but we get a mix of supported devices and iOS 14+ versions reported.

silkimen commented 2 years ago

Hi guys, I'm sorry for the inconvenience you are experiencing. This is an old known issue of this plugin, see #148. Unfortunately, I had no time to fix this. Would someone mind creating a PR for this?

silkimen commented 2 years ago

I'm closing this ticket, please follow up on #148.