[Logo] Enterprise Client Community
  [Search] Search   [Recent Topics] Recent Topics   [Members]  Member Listing   [Groups] Back to home page 
[Register] Register / 
[Login] Login 
iOS Safari - Cookies...  XML
Forum Index -> Deployment
Author Message
CaptainCasa

Power User
[Avatar]

Joined: 21/11/2007 12:23:06
Messages: 5510
Offline

Hi,

some report on evaluation of scenarios on iOS in which there were problems with the security-id that is sent with requests as cookie:

There are problems on iOS-Safari - because Cookies of IFRAMEs are in general ignored and the browser does not send them into the IFRAME's application. Problems occur in https scenarios "only"... (there is no sending of Security-Cookies for http...), and they occur in scenarios "only" in which an embedded IFRAME-URL is loaded from some different origing than the outside page.

There are two ways out... (well, actually only one):

1. Switch off the "Avoid cross-sitetracting" in the iOS configuration (Configuration > Safari > Disable Cross-Sitetrackinh). Well, unfortunately you can only configure this on this very rough level (on/off) - you e.g. cannot configure on per-site base.

2. You need to arrange all the applications of your scenario that you want to access by IFRAME behind one origin-web-address. So, all applications have to be reachable by the same address https://yourserver:yourport - This normally means: arrange some server (Apache, HAProxy) in front of you server-applications which distributes the requests to the corresponding applications.

Kind regards! Björn

Björn Müller, CaptainCasa GmbH
 
Forum Index -> Deployment
Go to:   
Powered by JForum 2.1.6 © JForum Team